update

Software Security

Issued by: Dark Reading

Following the Colonial Pipeline hack — one of the highest-profile attacks against US critical infrastructure to date — in 2021, the Department of Homeland Security’s Transportation Security Administration (TSA) released two unprecedented Security Directives, requiring owners and operators of gas and liquid pipelines to implement strict new protections against cyberattacks. On July 21, the TSA…

Vulnerabilities

Issued by: Security Week

The critical flaw, tracked as CVE-2022-0971, has been described as a use-after-free issue affecting the Blink Layout component. Sergei Glazunov of Google Project Zero has been credited for reporting the flaw. Google doesn’t often assign a “critical severity” rating to Chrome vulnerabilities. In fact, over the past year, only four other Chrome updates fixed a…

Software Security

Issued by: CSO

A recent Microsoft Ignite session reminded me about how much Windows 10 has changed over the years. We often forget that when we don’t update to newer versions, we miss out on the improved security features in each release. It’s easy to forget the advances and security features that Windows 10 has added over the…

Vulnerabilities

Issued by: Dark Reading

For the second straight quarter this year, Oracle’s latest critical patch update (CPU) released this week contained more than 400 security patches addressing vulnerabilities in a wide range of the company’s product sets. With 402 patches, Oracle’s October 2020 CPU was slightly smaller than its previous one in July, which contained a record-breaking 444 security…