Securezoo Cybersecurity Threat Center blog posts of new vulnerabilities and exploits.
GitHub ran a security scan to find old vulnerabilities in JavaScript and Ruby libraries in over a half million public repositories. The scan results turned up over four million vulnerabilities and sent alerts to developers to patch the bugs. GitHub is leading software development platform used to host, review and manage software source code, used by millions of developers.
GitHub scans and finds 4M vulnerabilities Read More »
Microsoft issued March 2018 Security Updates that includes 75 vulnerability fixes, 15 of them rated critical. The updates address multiple Microsoft products to include Windows, Internet Explorer, Edge, Exchange, Office, Office Services and Web Apps, ChakraCore, PowerShell and Adobe Flash.
Microsoft March 2018 patch updates Read More »
Hackers have attacked over 1,400 Apache Solr servers late last month to install a cryptocurrency miner.
Hackers exploit Apache Solr instances with cryptocurrency miner Read More »
Nearly 400,000 servers are at risk to a remote code execution vulnerability that impacts open-source Exim message transfer agent (MTA).
Exim remote code execution vulnerability exploits Read More »
Microsoft provided security updates earlier this week to address the Spectre Variant 2 (CVE 2017-5715) data leaking vulnerability that affects Intel’s Skylake H/S (6th generation Core CPUs) and Skylake U/Y & Skylake U23e (6th Generation Core m Processors).
Spectre Variant 2 patches Read More »
Do you have any internet-facing devices running memcached? Security experts warn that systems exposed to the internet and running memcached on port 11211 UDP and TCP are being exploited in a new distributed denial-of-service (DDoS) reflection attack.
Cache utility memcached is being exploited Read More »
Duo Labs has found SAML protocol vulnerabilities that impact multiple vendor single sign-on (SSO) systems.
SAML vulnerabilities affect multiple SSO implementations Read More »
Trend Micro security researchers have spotted an Oracle vulnerability that is being abused to deliver dual Monero miner malware. The Oracle WebLogic WLS-WSAT vulnerability (CVE-2017-10271) allows remote code execution and was patched by Oracle back in October.
Oracle vulnerability exploited to deliver dual Monero miners Read More »
Apple is rushing to fix a another ‘Text Bomb’ bug that crashes a number of iOS and Mac apps.
Apple’s ‘Text Bomb’ bug Read More »
Security researchers from Trend Micro have spotted two vulnerabilities that are being exploited on popular CouchDB open source database management systems.
Apache CouchDB vulnerabilities exploited Read More »
