HackDig : Dig high-quality web security articles for hackers

‘Wormable’ Flaw Leads July Microsoft Patches

Microsoft today released updates to plug a whopping 123 security holes in Windows and related software, including fixes for a critical, “wormable” flaw in Windows Server versions that Microsoft says is likely to be exploited soon. While this particular weakness mainly affects enterprises, July’s care package from Redmond has a little someth
Publish At:2020-07-14 19:37 | Read:171 | Comments:0 | Tags:Time to Patch .NET Framework CVE-2020-1350 CVE-2020-1410 CVE

Microsoft Patch Tuesday, June 2020 Edition

Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there are a few vulnerabilities that deserve s
Publish At:2020-06-10 01:42 | Read:279 | Comments:0 | Tags:Time to Patch CVE-2020-0796 CVE-2020-1225 CVE-2020-1226 CVE-

Microsoft Patch Tuesday, May 2020 Edition

Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs. None of the vulnerabilities were labeled as being publicly exploited or detailed prior to today, but as always if you’re running Windows on any of your machines it’s time once again to prepare to get your patches on. May marks the th
Publish At:2020-05-18 13:12 | Read:338 | Comments:0 | Tags:Latest Warnings Time to Patch adobe acrobat adobe reader CVE

Microsoft Patch Tuesday, April 2020 Edition

Microsoft today released updates to fix 113 security vulnerabilities in its various Windows operating systems and related software. Those include at least three flaws that are actively being exploited, as well as two others which were publicly detailed prior to today, potentially giving attackers a head start in figuring out how to exploit the bugs. Nineteen
Publish At:2020-04-14 22:23 | Read:694 | Comments:0 | Tags:Time to Patch Allan Liska CVE-2020-0796 CVE-2020-0938 CVE-20

‘War Dialing’ Tool Exposes Zoom’s Password Problems

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t bel
Publish At:2020-04-02 11:45 | Read:521 | Comments:0 | Tags:A Little Sunshine The Coming Storm Time to Patch Dave Kenned

Zxyel Flaw Powers New Mirai IoT Botnet Strain

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. This week, security researchers said they spotted that same vulnerability being exploited by a new variant of Mirai, a malware strain that targets vulner
Publish At:2020-03-20 12:41 | Read:512 | Comments:0 | Tags:Latest Warnings Time to Patch CVE-2020-9054 mirai Mukashi Pa

Microsoft Patch Tuesday, March 2020 Edition

Microsoft Corp. today released updates to plug more than 100 security holes in its various Windows operating systems and associated software. If you (ab)use Windows, please take a moment to read this post, backup your system(s), and patch your PCs. All told, this patch batch addresses at least 115 security flaws. Twenty-six of those earned Microsoft’s
Publish At:2020-03-10 23:24 | Read:594 | Comments:0 | Tags:Time to Patch Animesh Jain Application Inspector CVE-2020-06

Zyxel 0day Affects its Firewall Products, Too

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products. This week’s story on the Zyxel patch
Publish At:2020-02-26 12:56 | Read:387 | Comments:0 | Tags:Latest Warnings Time to Patch 0day alex holden zero day ZyXe

Zyxel Fixes 0day in Network Storage Devices

Patch comes amid active exploitation by ransomware gangs Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerabili
Publish At:2020-02-24 15:24 | Read:518 | Comments:0 | Tags:Latest Warnings The Coming Storm Time to Patch 0day 500mhz a

Microsoft Patch Tuesday, February 2020 Edition

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat.
Publish At:2020-02-11 21:48 | Read:583 | Comments:0 | Tags:Time to Patch Alan Liska CVE-2019-1280 CVE-2020-0618 CVE-202

Apple Addresses iPhone 11 Location Privacy Concern

Apple is rolling out a new update to its iOS operating system that addresses the location privacy issue on iPhone 11 devices that was first detailed here last month. Beta versions of iOS 13.3.1 include a new setting that lets users disable the “Ultra Wideband” feature, a short-range technology that lets iPhone 11 users share files locally with o
Publish At:2020-01-22 20:35 | Read:926 | Comments:0 | Tags:A Little Sunshine Time to Patch apple Brandon Butch iPhone 1

Patch Tuesday, January 2020 Edition

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security Agency. This month also marks the end of mainstream support for Win
Publish At:2020-01-15 03:35 | Read:633 | Comments:0 | Tags:Time to Patch CVE-2020-0601 Johns Hopkins University Kenneth

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customer
Publish At:2020-01-13 20:35 | Read:699 | Comments:0 | Tags:Time to Patch Anne Neuberger CERT Coordination Center CERT-C

Patch Tuesday, December 2019 Edition

Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software. The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is alrea
Publish At:2019-12-11 03:35 | Read:1013 | Comments:0 | Tags:Time to Patch Microsoft Patch Tuesday December 2019 Recorded

Patch Tuesday Lowdown, October 2019 Edition

On Tuesday Microsoft issued software updates to fix almost five dozen security problems in Windows and software designed to run on top of it. By most accounts, it’s a relatively light patch batch this month. Here’s a look at the highlights. Happily, only about 15 percent of the bugs patched this week earned Microsoft’s most dire “crit
Publish At:2019-10-09 04:40 | Read:6274 | Comments:0 | Tags:Latest Warnings Security Tools Time to Patch CVE-2019-1367 I


Share high-quality web security related articles with you:)