On August 26, 2025, Citrix released a security bulletin addressing three newly disclosed vulnerabilities in NetScaler ADC and NetScaler Gateway…
Executive Summary A critical remote code execution (RCE) vulnerability in Apache ActiveMQ is being actively exploited to deliver DripDropper, a sophisticated…
Executive Summary A critical security flaw in Microsoft Windows, tracked as CVE-2025-29824, has recently been weaponized in targeted ransomware campaigns, leveraging…
Fortinet has issued a critical security advisory regarding a high-severity vulnerability in its FortiSIEM platform, identified as CVE-2025-25256. This flaw,…
A fundamental vulnerability within the HTTP/1.1 protocol poses a significant threat to millions of websites, potentially allowing attackers to execute…
Trend Micro has warned that attackers target critical unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) in its on-premise Apex One endpoint…
A significant security flaw, CVE-2025-53786, has been discovered in Microsoft Exchange Server hybrid environments. This flaw could enable attackers with…
Executive Summary The Raspberry Robin malware, a sophisticated and evolving threat, actively exploits a new vulnerability in Windows systems. First…
A critical vulnerability has been discovered in the Squid Web Proxy server, which could allow remote attackers to execute arbitrary…
Apple has rolled out critical security updates across its platforms to address a high-severity vulnerability in the WebKit engine. This…
A critical zero-day vulnerability in SAP NetWeaver, CVE-2025-31324, is being exploited to deliver "Auto-Color," a stealthy Linux backdoor. The vulnerability…
Microsoft Threat Intelligence recently disclosed a serious macOS vulnerability dubbed Sploitlight. It tracked as CVE-2025-31199 that leverages Spotlight importer plugins…
A threat actor, codenamed Fire Ant, has targeted virtualization and networking infrastructure as part of a prolonged cyber-espionage campaign uncovered…
Broadcom has recently addressed multiple critical vulnerabilities affecting VMware ESXi, Workstation, Fusion, and Tools. These vulnerabilities could allow attackers to…
A critical vulnerability, CVE-2025-47812, in Wing FTP Server is under active exploitation, allowing unauthenticated remote code execution with root or SYSTEM…
Modern Linux systems implement layers of security, including Secure Boot, full-disk encryption, and bootloader passwords. However, a long-standing vulnerability in…
Critical security vulnerabilities have been discovered in the Ingress-NGINX Controller for Kubernetes. CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974—collectively known as 'IngressNightmare'—allow…
Everybody shops online or in supermarkets and shops. The digital transformation has aided and simplified how we shop. But every…
Stopping cyberattacks isn’t easy, but preventing them can be if you properly implement vulnerability management. However, managing vulnerabilities can be…
Veeam has recently released critical security updates addressing a total of 18 vulnerabilities across its software products, with five of…
Zyxel, a communications company, has released an advisory warning users of a critical input validation vulnerability impacting many of its…
We have a love-hate relationship with debt. But why am I talking about debt in a vulnerability management blog? Vulnerability…
Google has released Chrome 128, a significant update that addresses multiple high-severity vulnerabilities that could potentially impact the security and…
Apache just patched a critical vulnerability (christened CVE-2024-38856) in OFBiz, their open-source ERP system. Discovered by SonicWall Capture Labs, this…
Scale. One word we can use to define the cybersecurity world over the past few decades. Networks and devices in…
A critical vulnerability in the Cisco Smart Software Manager On-Prem (SSM On-prem) authentication system that allowed unauthenticated, remote attackers to…
GeoServer, an open-source tool used to share and modify geospatial data, is under attack. CVE-2024-36401, which impacts the GeoTools plugin,…
A quick recap In the previous episode, it’s a somber and serious scene at the Security HQ of Mis-Tech. After…
A severe remote code execution (RCE) vulnerability in the widely used Ghostscript library is being actively exploited. This vulnerability, identified…
Linux users beware! OpenSSH flaw, a networking utility installed on every Unix and Linux system by default, is affected by…
A stunning silence had erupted in a national bank. My brother, our finance person, and I sat in their office.…
Attack surface reduction is the single most important step to secure your organization from cyberattacks. But it can be lengthy,…
A recent surge of critical remote code execution (RCE) vulnerabilities has been discovered in VMware vCenter Server and Cloud Foundation…
The security room of Mis-Tech was silent. John, the CISO, was keeping a cool face while freaking out inside. “Where…
Attack surface reduction is arguably the most important step in preventing cyberattacks. It is the fundamental step you must perfect…
Microsoft released its May edition of Patch Tuesday, in which 61 vulnerabilities and three actively exploited zero days were addressed.…
Patch Management is one of the most critical components of the vulnerability management and cyberattack prevention process. It streamlines, regulates,…
Microsoft's April 2024 Patch Tuesday wasn't your average update day. While a record number of vulnerabilities were addressed (149), a…
The biggest reason for cyberattacks has been vulnerabilities. However, the trend has slowly changed, with threat actors using different methods…
Compliance promises brand reputation gains and competitive advantage. It is a proven way to demonstrate the effectiveness of security posture…
It's been a calm year so far for patches! January saw no zero days, February only saw two, and March…
A mountain of vulnerabilities and no way of knowing the most critical ones. This is the story of every modern…
The odds are stacked against the IT team, who are at work daily to protect their organization against cyberattacks. It…
An agentless scanner can detect every vulnerability without leaving a trace. It can silently detect vulnerabilities without installing an agent…
Configuration management database (CMDB) gives vulnerability management a strong underpinning. CMDB functions as a centralized database that contains information about…
The sophistication of cyber-attacks isn’t waning. The rise in ransomware attacks is sound proof of that. Instead, it adds to…
How many vulnerabilities do you have in your IT infrastructure right now? The odds are that the number could be…
What have you been doing for cyberattack prevention? Listing IT assets and assessing vulnerabilities alone? In the modern scenario of…
The security team members at ACME were scurrying around the office. The CISO was blasting orders, and the sysadmins were…
The cURL development team has recently disclosed a high-severity heap buffer overflow vulnerability (CVE-2023-38545), which poses a substantial risk of…
This Patch Tuesday, Microsoft fixed 104 vulnerabilities, with 13 rated as critical and 91 rated as important. Remote code…
Enterprises are constantly challenged to protect their data and assets from malicious attacks requiring many efforts to identify and address…
Microsoft Patch Tuesday, July 2023 addressed 132 flaws through security updates. In fact, among them are six flaws being exploited and thirty-seven…
In the soaring number of cyberattacks that target a wide range of organizations, IT security admin must be aware of…
Apple fixes multiple security vulnerabilities for various products in the Apple Security Updates in May 2023. A total of 59…
Vulnerability management is one of the most critical cybersecurity tasks for cyberattack prevention. But effective vulnerability management is not easy…
According to the 2022 VPN Risk Report, 44% of cybersecurity professionals observed increased VPN attacks. A vulnerability management software can detect and remediate…
Microsoft has released its May 2023 Patch Tuesday updates, including fixes for 38 vulnerabilities. This month's patch is considered one…
Given the constant evolution and increasing sophistication of cyber-attacks, it is essential to have a strong patch management lifecycle and…
Microsoft has finally released April 2023 Patch Tuesday security updates, addressing a total of 97 vulnerabilities. However, Seven are classified as critical…
Even with great vulnerability management software, your attack surface mitigation is based on the vulnerabilities you detect. And in the…
Apple's March 2023 Updates released multiple security updates in-order to patch various Apple products affected by multiple vulnerabilities. A total…
The cyberattack on LastPass, a popular password management firm, was unexpected and stunned the world. A vulnerability in a 3rd…
Being an IT security admin feels like you are the “Mr. Fix-It” of your organization. But we know that IT…
In March 2023 Patch Tuesday Releases, Microsoft addressed 80 CVEs, of which nine were rated as critical, including 2 Zero-day,…
Accessing IT infrastructure is fundamental to building and maintaining a security posture. IT security admins have superficial visibility of their…
You might have a concrete vulnerability management plan and robust security practices, but sometimes, the most obvious outliers and attack…
Good grief, LastPass.. The popular password management firm with a motive of safeguarding people's sensitive information, has become a breach static. One…
Cybercriminals are constantly trying to one-up IT security admins in the ever-evolving cybersecurity landscape. As soon as a new threat…
SanerNow can detect and remediate risks and protect your organizations from dangerous cyberattacks using vulnerability management tool. Be it software…
Vulnerability assessment is a lengthy process that makes up the foundation of your vulnerability management program. It helps you efficiently…
Vulnerabilities are growing exponentially, and it strains IT security admins to remediate them and protect the organization from cyberattacks. Patch…
Microsoft has released February 2023 Patch Tuesday security updates, addressing 77 vulnerabilities. 9 are classified as critical as they allow…
Hardening and patching mac endpoints are essential steps in securing a network against cyber-attacks. Although mac endpoints are known for…
Any system connected to a network is open to vulnerabilities in the eyes of hackers. According to SecPod’s security research,…
Software vulnerability management process is a process of identifying, prioritizing, and remediating vulnerabilities and other security risks. Implementing this can…
With every passing day, every vendor seems to release many patches to their software application to fix vulnerabilities. But with…
System vulnerability management is vital in maintaining the security posture of your organization. As your organization grows with new technology…
The CISO and the sysadmin at the_Teckies were desperately looking for a network vulnerability scanner. Talks of a dangerous misconfiguration…
Oracle releases security updates of January 2023, 327 security patches for various product families, including Oracle Communications, Oracle Fusion Middleware,…
Microsoft has released January 2023 Patch Tuesday security updates, addressing 98 vulnerabilities. Also, 11 are classified as critical as they…
As he handed over the keys to his network, Rob recalled how it all began for him 30 years ago.…
In the face of a threat landscape that has evolved over the years, IT security teams still need to progress…
Cybercriminals are always looking for security weaknesses to steal sensitive and confidential information. Especially in software development environments, IT security…
Twenty years ago, the talks of cloud technology were still in their inception. But today, it has taken over the…
IT Security Risk Posture assessment is a term commonly thrown around in the wild. Risk posture is a complete overview…
According to SecPod research statistics, 12000+ vulnerabilities are exploited with more than 15 zero-days in the first two quarters of…
A critical Linux kernel vulnerability 5.15 was found in SMB servers with KSMBD enabled. KSMBD is a Linux kernel server…
It’s the holiday season, and sysadmins need a break too. Mike and Robert, friends and senior sysadmins in two different…
Microsoft's December 2022 Patch Tuesday has arrived, bringing fixes for two zero-day vulnerabilities, moreover, one of which is currently being…
In the face of exponential growth in vulnerabilities, IT admins struggle to keep up with the vulnerabilities in devices across…
Atlassian released patches for two critical vulnerabilities of November 2022 affecting Bitbucket Server, Data Center, and Crowd products. Using a…
Two high-severity vulnerabilities are disclosed in F5, affecting the F5 BIG-IP and BIG-IQ devices that can lead to a complete compromise…
Cyberattack surfaces are constantly evolving with an abundance of vulnerabilities. According to SecPod’s security research, the second quarter of 2022…
Are you willing to read reports which are 10,000 pages long? Not me, though. Vulnerability management reports are crucial while…
The most common security framework policies, like HIPAA, PCI, NIST, etc., talk about vulnerability management controls, which are a set…
Microsoft has released patches for 65 vulnerabilities in its Microsoft November Patch Tuesday of which 6 are actively exploited Zero-Day.…
Cyberattacks are on the rise! More than 60% of companies have been under cyber-attack. The initial cause of all these…
Payment Card Industry Data Security Standard (PCI DSS) is a data safety requirement to be followed by all companies and…
Vulnerability scans show a large volume of vulnerability data which could be unstructured and complex to analyze. Bulky, hard-to-read data…
When you repeatedly perform the same thing over and over again, it becomes tedious and laborious. Lengthy scans, correlation of…
On October 25, 2022, the OpenSSL team issued a major flaw alert to users. OpenSSL 3.0.7 was released on November…
Google has recently released an emergency security fix to patch a Zero-Day vulnerability CVE-2022-3723. This vulnerability was in the Chrome…
Apple's critical security update October 2022 released security updates to address vulnerabilities in multiple products. A total of 125 vulnerabilities were addressed.…
Cisco AnyConnect Secure Mobility Client allows users to connect to remote systems through a VPN. On October 26, 2022, Cisco…
Apache Common Text is used for advance text handling functions such as escaping special characters and the similarity of strings…
Microsoft has released October 2022 Patch Tuesday security updates, addressing 84 vulnerabilities. Indeed 13 are classified as critical as they…
vm2 is a node module for creating a real sandbox in the node. It is also the most widely used Javascript…
Zimbra Collaboration Suite (ZCS), a widely used web client and email server, has an unpatched zero-day remote code execution (RCE)…
Microsoft warned that two zero-day vulnerabilities ( CVE-2022-41040 and CVE-2022-41082 ) are being used against Exchange Server without a patch.…
We're excited to announce our new release SanerNow 5.2. With a goal of elevating security while using SanerNow, we have…
Security researcher Bobby Rauch identified seven different vulnerabilities in Microsoft Teams. These flaws can be used in a series to…
A simple message on a secure(*cough) internal channel saying YOU HAVE BEEN HACKED is a terrifying nightmare for all employees,…
Whether it was WannaCry, the biggest ransomware attack, or Petya, the attack that invaded many organizations in US and Europe,…
Microsoft released its monthly (September's) security update, Patch Tuesday, disclosing 63 vulnerabilities across the company's hardware and software line. Microsoft…
Apple released an emergency update to address two zero-day vulnerabilities. The vulnerabilities are tracked as CVE-2022-32893 (out-of-bounds in WebKit) and CVE-2022-32894 (out-of-bounds issue in…
Google has released security fixes for the desktop Chrome app on Windows, Linux, and Mac. This consists of Ten vulnerabilities…
Microsoft fixes 121 vulnerabilities up against 17 'critical' and the rest 'important' in its August 2022 Patch Tuesday update. Compared…
Apple July 2022 Security Updates addressed vulnerabilities in the following products: Safari macOS watchOS tvOS iOS and iPadOS Deploy these…
Atlassian released patches for three critical vulnerabilities (CVE-2022-26136, CVE-2022-26137, CVE-2022-26138). Out of the three flaws, two impacts Confluence Server, Confluence…
Microsoft recently patched a high severity security vulnerability in its July 2022 Patch Tuesday. This security vulnerability is wildly exploited…
Researchers have discovered a new Speculative execution attack called Retbleed, which affects both Intel and AMD processors that can result…
Microsoft fixes 84 vulnerabilities, including four critical, one zero-day, and 79 others as important in its July 2022 Patch Tuesday…
The OpenSSL has released patches to address OpenSSL high severity vulnerability CVE-2022-2274 and CVE-2022-2097, along with moderate severity ones, in…
Microsoft has released June 2022 Patch Tuesday security updates, addressing 55 vulnerabilities. Three are classified as critical, and 52 as…
OGNL Injection Vulnerability was discovered in Atlassian Confluence Server and Data Center, and it is tracked with CVE-2022-26134. This Atlassian Zero-Day vulnerability…
A remote code execution vulnerability was discovered in MSDT (Microsoft Support Diagnostic Tool), which is tracked with CVE-2022-30190. Vulnerability exploitation is…
A medium severity zero-day vulnerability has been found in the health check RPM of Cisco IOS XR – An Internetwork…
Microsoft May 2022 Patch Tuesday has released security updates addressing a total of 75 detected vulnerabilities. On the other hand, 8…
A Remote Code Execution vulnerability was detected (CVE-2022-1388) in F5 BIG-IP. This flaw affects the BIG-IP iControl REST authentication component.…
Oracle has released critical security updates for April 2022, containing 520 security patches for a wide range of product families,…
Microsoft has released April's 2022 Patch Tuesday security updates for 119 detected vulnerabilities, including two zero-days and nine being rated…
After putting in months of hard work, we are back now with a new product update. Our SanerNow 5.1 is…
The Spring Framework is an application framework and inversion of the control container for the Java platform developed by VMware.…
Apple April 2022 Security Update, two high severity zero-day flaws tracked as "CVE-2022-22674" and "CVE-2022-22675" have been reported in Apple…
With cybersecurity threats on the rise, attackers use more sophisticated techniques to steal sensitive information. From small companies to large…
A Pandora ransomware attack targeted Denso Corp, a supplier of Toyota Motor Corporation. The confirmation came after the Pandora Ransomware…
Once the vulnerability assessment process is completed, security teams generate bulky reports for further analysis. Though these reports are detailed…
In today's rapidly evolving threat landscape, organizations face a constant barrage of vulnerabilities that can potentially expose their systems to…
Cybersecurity is essential to every enterprise as there is no sign of dipping of security threats. An increase in cybercrimes…
Microsoft has released March 2022 Patch Tuesday security updates with a total of 92 vulnerabilities, which include 3 Zero-Days, 3 CVEs rated…
When securing your Linux environment, you cannot miss the Linux Kernel. It forms the foundation of your Linux operating system…
Mozilla has released an out-of-band security update for Firefox, Firefox ESR, Firefox Focus, Firefox for Android, and Thunderbird, fixing two…
Cyberattacks have been around for over 30 years now. Organizations have witnessed and lived through the devastating effect of these…
In today's Information-rich era, data security is a top concern for organizations. As per the study, cyber-attacks are launched 2,244…
2021 was yet another year of IT security chaos and uncertainties. The year saw a drastic acceptance of the hybrid…
A high-severity zero-day flaw tracked as CVE-2022-0609 in Google Chrome is exploited in attacks. It is finally resolving with the…
The impact of the pandemic has brought a multitude of security challenges for the IT security team and chief information…
On February Patch Tuesday, SAP has released security updates to patch vulnerabilities affecting multiple SAP products, including critical vulnerabilities affecting…
Although there are several ways to secure IT assets, the only way to truly understand the existing security's effectiveness is…
Cyber-attacks are becoming extensively aggressive with every passing day, week, month, and year. To add fuel to the gasoline, cyberattacks…
There will always be an IT admin team that consistently remediates vulnerabilities due to the possibility of security threats. The…
Most of the Linux distributions have the pkexec binary. The vulnerability (CVE-2021-4034) lies in that binary. The pkexec is a…
Apple critical security update Jan 2022 has released security updates for multiple products. A total of 16 vulnerabilities were addressed.…
According to a study by Ponemon Institute, 55% of enterprises say they spend more time manually navigating through the various…
Oracle has released 497 new security patches for various product families, including Oracle Communications, Oracle MySQL, Oracle Financial Services Applications,…
Like most security admins, Rob is always on his toes to protect the digital infrastructure of his organization from bad…
We all know the importance of vulnerability management in cyber-security. The pace with which the vulnerabilities are rising and their patches overwhelmed enterprises to…
Zoho Corporation has released patches for its ManageEngine Desktop Central and Desktop Central MSP solutions affected by CVE-2021-44757, a critical…
Mozilla has released security updates for Firefox, Firefox ESR (CVE-2022-22746), and mailing client Thunderbird. There are 18 vulnerabilities in Firefox,14 vulnerabilities…
Microsoft's January 2022 Patch Tuesday security patch includes a total of 97 vulnerabilities detected, including six zero-day with nine classified as…
With another year wrapped up and the dawn of a new year, there are oceans of uncharted waters in the…
JFrog has recently disclosed a remote code execution vulnerability on H2 Database consoles. This is based on a Java Naming…
Linux is the backbone of most modern business organizations and a massive network. Amazon, the largest cloud provider globally, runs…
It’s that time of the year! For starters, a heartfelt congratulations for everyone who successfully ventured into completing around the…
Ransomware has made its way into the consciousness of business owners and security admins over the past two years. As…
Winter holidays are everyone's favorite time, especially for hackers. The holiday season is when people reach out to friends and…
Since the inception of the Internet, cyberattacks have been a major concern globally. Due to the global pandemic, there is…
Adobe security update December 2021, they have released security updates providing fixes for 28 critical vulnerabilities in Adobe After Effects,…
Microsoft has released December 2021 Patch Tuesday security updates with a total of 67 Vulnerabilities, including a zero-day being actively…
All Java applications come with Log4j, a logging library/facade that allows programmers to release output logs to numerous output targets.…
Mozilla has finally released security update December 2021 for its browsers Firefox and Firefox ESR and mailing client Thunderbird. So, there are…
Mozilla has recently fixed a critical memory corruption vulnerability using their vulnerability manager. This was affecting its cross-platform Network Security…
As the IT infrastructure and the business data becomes more complex, security concerns in businesses increase drastically. According to the…
Microsoft recently patched a Windows Installer Elevation of Privilege vulnerability tracked as CVE-2021-41379 in its November Patch Tuesday. As we…
For the past two decades, vulnerability management and security compliance have gradually occupied an important spot in the list of…
'To patch or not to patch' is the perplexing dilemma that every security admin goes through almost every day. Patching…
Intel has recently disclosed a short advisory with details of high severity for 3 CVEs here. They are CVE-2021-0157, CVE-2021-0158, and…
After the November patch Tuesday, Microsoft released emergency Out-Of-Band update to address authentication failures related to Kerberos delegation scenarios impacting…
Microsoft has released Patch Tuesday November 2021 security updates with a total of 55 Vulnerabilities, including six Zero-days rated as critical,…
Cisco has released security updates for multiple products to address critical, high, and medium severity vulnerabilities for twelve different Cisco…
Ponemon Institute notes that around 60% of breaches could have been easily avoided if organizations had included a vulnerability management…
Who doesn't love the smell of freshly brewed coffee? There is no better aroma that keeps me up than the…
Google has released a security advisory for its Chrome users on Windows, Mac, and Linux, addressing seven security vulnerabilities. However,…
Adobe has finally released October 2021 security updates providing fixes for 66 critical vulnerabilities in Adobe After Effects, Premiere Pro,…
Brad and Smith are security administrators of an enterprise with 2000 devices. One of their prime responsibilities is to manage vulnerabilities in…
Discourse is one of the most popular open-source community forums and mailing list management software applications. A critical code execution…
Oracle Critical Updates October 2021 has finally released 419 new security patches for various product families, including Oracle Mysql, Oracle…
Microsoft has released October Patch Tuesday security updates with a total of 81 vulnerabilities, which include Four Zero-Days, Three CVEs…
Microsoft Open Management Infrastructure (OMI) is an open-source project which allows users to manage configurations across remote and local environments…
With the changing security landscape and the complex threat surface, security teams are engaged in the battle of their lives…
Adobe Critical Security Updates September 2021 fixes for 34 critical vulnerabilities in Adobe Acrobat and Reader, Premiere Pro, InCopy, etc. Moreover,…
According to Gartner, vulnerabilities are the prime cause of the majority of security breaches today. Although most of these are…
Zoho Patches Critical Zero-day Flaw in ADSelfService to patch a remote code execution (RCE) vulnerability existing in Zoho ADSelfService plus.…
Netgear is a multinational computer networking company that produces networking hardware for consumers, businesses, and service providers. Netgear identified three…
Atlassian Confluence recently published a security advisory to patch a critical OGNL(Object-Graph Navigation Language) injection vulnerability existing in Confluence Server…
The Pandemic took the world in its clutches back in 2020 and brought several unprecedented changes that changed the world…
VMware, the virtualization giant, has patched six vulnerabilities, including 4 high severity vulnerabilities, in its recent security update VMSA-2021-0018. The…
A critical and high severity remote code execution vulnerability CVE-2020-25223 with CVSS 3. x severe base score 9.8 is present…
Microsoft Exchange Servers are actively exploited in the wild by various threat actors. Attackers are looking for vulnerable instances of…
As part of its August 2021 Patch Tuesday, Adobe has rolled out fixes for its e-commerce platform, Magento. These updates…
Microsoft has released August Patch Tuesday security updates with a total of 44 vulnerabilities in the family of Windows and…
Cyber threats are growing in number, but the measures to prevent attacks and breaches are not getting the same attention.…
Millions of routers are exposed to a security flaw that existed for a decade in home routers with Arcadyan firmware.…
Cisco is one of the popularly known firms for manufacturing networking products along with developing software products. Recently it addressed…
Sysadmins are usually stamped as nerds who live secluded from the rest of the ‘social butterflies.' Some of this may…
IT landscape is expanding and getting more complex day by day. With the growing number of cyberattacks and changing working…
Apple Security Patches has released an urgent update to address a critical zero-day vulnerability that is being exploited in the…
There are two new vulnerabilities that were discovered on Tuesday, which affect Windows and Linux machines. An easily exploitable privilege…
Oracle Critical Security Updates July 2021 has released 342 new security patches for a wide range of product families. However,…
A critical SQL injection vulnerability was recently fixed in the WordPress plug-in, WooCommerce. The vulnerability poses a threat to over…
Microsoft has released July Patch Tuesday security updates with a total of 117 vulnerabilities in the family of Windows, Mac, and…
After numerous discussions, brainstorming sessions, day-night development, and rigorous testing, we are thrilled to announce the most exciting release of…
As more employees are working remotely and IT structures have moved to the cloud, cyber-attacks have also become more sophisticated.…
Kaseya is a US-based organization that provides IT and security management solutions for managed service providers (MSPs) and small to…
A critical zero-day vulnerability has been discovered in Microsoft Windows Print Spooler. This high severity vulnerability dubbed as PrintNightmare is…
Vulnerability management solution is usually the most painstaking process for an IT/security team. The teams struggle to run full vulnerability…
Google has released an emergency fix for its Chrome browser app in Windows, Linux, and Mac. This consists of four…
Digital transformation has pushed the boundaries of business operations. With expanding boundaries, there’s a drastic increase in the probability of…
Adobe has finally released security updates providing fixes for 21 critical vulnerabilities in Adobe Creative Cloud Desktop Application, After Effects,…
Microsoft has released June Patch Tuesday, security updates with a total of 50 vulnerabilities in the family of Windows and…
A critical zero-day vulnerability has been discovered in a WordPress plugin called Fancy Product Designer. A Wordfence Threat Intelligence team…
Apple patches critical Zero-Day vulnerabilities on its various products in the latest May update. This release includes three critical zero-day…
Microsoft recently patched a critical remote code execution vulnerability in the HTTP Protocol Stack (http. sys). Used by the Windows…
A series of critical vulnerabilities were recently disclosed to reside in the popular internet mailer, Exim. The vulnerabilities, collectively termed…
Apple released May 2021 zero-day exploit security updates for multiple products, including Safari, macOS, iOS, iPadOS, tvOS and watchOS. Apple…
Google has released a new version 90 to fix high severity vulnerability in the V8 Javascript component of Google Chrome.…
Apple released security updates for multiple products. The exploitation of some of these security flaws will allow an attacker to…
A threat actor is actively exploiting a bug currently in Trend Micro's security products to do privilege escalation on Windows…
Pulse Secure released an advisory on April 19 about a Critical Zero-day Authentication Bypass vulnerability identified as CVE-2021-22893 in Pulse Connect…
Cloud based patch management software play a major role to secure your IT infrastructure. Time and again, unpatched software is…
Google Chrome users who were relieved by patching the recent zero-day advisory are taken aback by the news of another…
Attackers are continuously looking for new vulnerabilities to take advantage of. They easily exploit the ones that are not remediated…
Microsoft Security Bulletin April 2021 has released Patch Tuesday, security updates with a total of 108 vulnerabilities in the family…
2020 has been a disaster for many organizations: multiple data breaches, ransomware attacks, and internal threats. After 2020, IT as…
VMware, the virtualization giant, has released two advisories addressing three critical vulnerabilities in multiple products. VMSA-2021-0004 advisory fixes CVE-2021-21975, CVE-2021-21983…
Two high-severity vulnerabilities were recently revealed to be present in the popular cryptography library, OpenSSL. While one of the vulnerabilities…
Cisco has rolled out security patches for critical, high, and medium severity vulnerabilities. In the Advisory, Cisco Security Updates March…
Adobe has released a critical security update that impacted Adobe ColdFusion and is assigned with a priority rating of 2.…
Two critical vulnerabilities have been found in popular bulletin board software called MyBB. The vulnerabilities can be chained together to…
Google has released a second emergency update for its Chrome Browser this month. Chrome version 89.0.4389.90 for Windows, Mac, and…
Microsoft Patch Tuesday March 2021 has released March Patch Tuesday security updates. The updates address 82 vulnerabilities in the family…
When it comes to security attacks, studies show that 70% of the security breaches originate at endpoints. The need to…
How many times have you blissfully ignored the update notification and clicked on "remind me later"? Yes, in the busy…
Google has released a security advisory for its Chrome users on Windows, Mac, and Linux, addressing 47 security vulnerabilities. This…
Microsoft has released patches for Exchange Server. The advisory addresses the following vulnerabilities - CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065. Microsoft…
The CVE-2021-21972 remote code execution vulnerability was reported by Mikhail Klyuchnikov from Positive Technologies. A vulnerability management tool discovered this. The…
At SecPod, we always strive towards making your endpoint security and management operations smooth and effective. To help you make…
QNAP addresses multiple vulnerabilities in its product line affecting Surveillance Station and Photo Station applications using a vulnerability management tool.…
Adobe Security updates February 2021 released security updates providing fixes for 33 critical vulnerabilities in Adobe Magento, Adobe Acrobat, Reader, Photoshop,…
Microsoft has roll-out its February 2021 patch Tuesday security updates on this month's for 56 vulnerabilities, including a zero-day in…
An average IT team uses a vast collection of tools and techniques to execute security tasks. A vulnerability management tool,…
Cisco Security Updates February 2021 has been released address high severity vulnerabilities for twelve different Cisco products using a patch…
Three new security vulnerabilities have recently been identified in various SolarWinds products. Three of the vulnerabilities are severe, and the…
The Sonicwall Zero day Attack. NCC Group recently reported that an active zero-day SonicWall SMA 100 zero-day vulnerability being exploited in…
The Vulnerability (CVE-2021-3156) exists in Sudo, a powerful utility to run programs with the security privileges of another user. The…
The Cisco DNA Center software has been reported with a high-severity security vulnerability (CVE-2021-1257) that allows cross-site request forgery (CSRF)…
As organizations embrace digital transformation and innovative ways of working in the current pandemic, keeping sensitive business information safe is…
Oracle Security Patches January 2021 has released 329 new security patches as a part of its quarterly patch cycle. 273…
The Threat Intelligence team of Wordfence discovered two security vulnerabilities in the Orbit Fox WordPress plugin on November 19, 2020.…
Microsoft Patch Tuesday January 2021 has rolled out its January security updates on this month's patch Tuesday for 83 vulnerabilities,…
The responsibilities of the average IT team are piling up. However, what was once confined to service, maintenance, and troubleshooting…
Niels Teusink of Dutch cybersecurity firm EYE has recently discovered a secret backdoor to Zyxel devices. More than 100,000 Zyxel…
Endpoints are one of the most important assets of an enterprise. According to a study, 68 percent of IT admins…
Google's Project Zero team of security analysts has released the details of an improperly patched 0-Day vulnerability. The issue can…
2020 has been less than ideal for people from all walks of life. We saw the biggest worldwide pandemic in…
SolarWinds has released an advisory on 27th December 2020 to address the vulnerability being exploited by SUPERNOVA malware. The vulnerability…
FireEye is an IT security company focusing on providing security products and services to its customers. On December 8th, 2020,…
Contact Form 7 is a popular WordPress plugin that is used to create, customize, and manage multiple contact forms on…
Hewlett Packard Enterprise recently revealed a security flaw in its Systems Insight Manager software (Vulnerability in HPE Systems). This zero-day…
The system administrator's problems and solutions are never-ending. Technology is pushing boundaries and helping businesses make bigger and better decisions.…
Apple released security updates for multiple products. The exploitation of some of these security flaws will allow an attacker to…
Highly evasive hackers breached Orion IT monitoring and management software of SolarWinds and deployed malware updates to it. It is…
Multiple critical command injection vulnerabilities have identified in the D-Link DSR VPN router family products. These vulnerabilities are identified with…
Microsoft Security Bulletin December 2020 has rolled out December Patch Tuesday security updates for 58 vulnerabilities in its product line,…
Security risk management is a complicated and time-consuming affair. Organizations spend many resources to ensure all their business operations and…
VMware has released security updates to fix a critical vulnerability that is being exploited in the wild. According to the…
DarkIRC is a multi-featured botnet. The bot comes with a variety of capabilities like keylogging, the ability to download files…
You might be well ahead of your peers in keeping your patching cadence for major applications like Microsoft, Linux, or…
Over the past 15 years, vulnerability management has evolved from a simple process to a complex business practice. The increasing…
Organizations are not new to grueling compliance audits that keep them up at night every quarter or year-end. To secure…
Mozilla has released three security advisories to address the vulnerabilities present in Firefox, Firefox ESR, and Thunderbird. A zero-day vulnerability…
Vulnerability management is hard to execute as a continuous process in the long run. In huge networks of organizations, the…
Google has released a security advisory for its Chrome users on Windows, Mac, and Linux, addressing two very critical Zero-Day…
Microsoft Patch Tuesday November 2020 security updates released for 112 vulnerabilities in its product line including Windows operating system, Edge…
At SecPod, we always work towards delivering exceptional features to help you get the best out of our product. SanerNow…
Vulnerability management program is a standardized process across most organizations. However, even organizations that follow periodic compliance audits and patch…
The scares of Halloween came very early this year in the form of COVID-19. Although organizations faced a lot of…
Oracle has addressed a critical Remote Code Execution (RCE) vulnerability in the rare out-of-band patch in numerous versions of Oracle…
A new zero-day vulnerability (CVE-2020-14871) in Oracle Solaris has been brought to light by the FireEye security research team, Mandiant.…
On October 20, 2020, the National Security Agency (NSA), a national-level intelligence agency of the United States Department of Defense,…
Google Project Zero disclosed details for a zero-day vulnerability CVE-2020-17087 found in the Windows operating system that being currently exploited…
Cyber-attacks are busting in from all directions. The biggest and most widespread attack was in 2017, called Wannacry. More than…
This year has forced us into a lot of new challenges in the digital world. During the first half of…
Critical Remote Code Execution (RCE) vulnerability CVE-2020-14882 in the console component of the Oracle WebLogic Server Exploitation allows unauthenticated, remote…
Vulnerability management has been a standard practice for more than 15 years now. Vulnerability Scanning tool, assessment, and remediation have…
We all know the popularity and extensive audience of the Google Chrome browser, which can be used on Windows, Mac,…
Business demands are driving a surge of enterprise endpoints. The average IT asset inventory is constantly growing with remote and…
Oracle has released 402 new security patches as a part of the Oracle Security Patch October 2020 quarterly update cycle. 270…
Software patching is one of the primary security measures to prevent cyber-attacks. Many organizations realize the importance of patching, but…
Overview Microsoft Patch Tuesday October 2020 has released October Patch Tuesday security updates, addressing a total of 87 vulnerabilities in…
The year is almost coming to an end. We’ve been practicing personal best cyber hygiene practices at home, offices, and…
AgeLocker Ransomware targeting QNAP network-attached storage (NAS) devices have been used by attackers to encrypt user data and demand a…
Microsoft team patched a critical and exciting vulnerability in the Netlogon Remote Protocol of the Windows server last month. zero logon vulnerability…
Microsoft Patch Tuesday September 2020 has released September Patch Tuesday security updates with a total release of 129 vulnerabilities, In…
File Manager is a popular WordPress plugin that manages files to upload on WordPress sites. It allows a WordPress administrator…
The high severity zero-day vulnerabilities found in Cisco IOS XR – An Internetwork Operating System (IOS) that shipped with Cisco's…
A high-severity 'use-after-free vulnerability tracked as CVE-2020-6492 with a CVSSv3 base score of 8.3 exists in WebGL [Web Graphics Library]…
Jenkins, an open-source automation server software released an advisory pertaining to a critical vulnerability present in its application. Jenkins enables…
Microsoft Security Bulletin August 2020 was released, addressing a total number of 120 vulnerabilities, including two Zero-days in the family of…
The discovery of a high-risk vulnerability was in TeamViewer for Windows. It has a tracking as "CVE-2020-13699", with a CVSS…
In early 2020, the world saw the worst pandemic humankind has seen in a long time. While all businesses and…
A team of cybersecurity researchers found multiple vulnerabilities that affect billions of devices that run on either Windows or Linux.…
![Read more about the article [Product Release] – Check out what’s new in SecPod SanerNow 4.6.0.0 release](https://www.secpod.com/blog/wp-content/uploads/2020/07/Featured-Banner.png)
SanerNow 4.6.0.0 comes out with several enhancements to enrich the product usage experience. This maintenance release also includes bug fixes…
Are you aware of the worst cyberattack of 2017, the WannaCry ransomware attack? WannaCry was one of the worst-hit ransomware…
Cisco has released a Security Advisory for the actively exploited worldwide CVE-2020-3452. Cisco Read-Only Path Traversal Vulnerability in the web…
We are excited to announce the launch of our newly designed website - https://www.secpod.com/. At SecPod, we always strive towards…
The worldwide web is arguably the best source of information and opportunities currently. On the other hand, there are countless…
A critical and wormable 17 years-old vulnerability (CVE-2020-1350) has been discovered in Microsoft Windows DNS Servers which can allow an…
Microsoft Patch Tuesday July 2020 has released July Patch Tuesday security updates, addressing a massive number of 123 vulnerabilities and…
A critical zero-day vulnerability has been found in Zoom - A video conferencing software, for Windows 7 or below. The…
Palo Alto Network (PAN) has recently fixed a critical vulnerability related to the PAN-OS operating systems. The operating systems are known…
Citrix announces the release of patches for fixing a set of 11 critical flaws found in three of its networking…
F5 BIG-IP is a multi-purpose networking device manufactured by F5 Networks which can be configured to work as a traffic…
Security researchers at Check Point have uncovered multiple critical reverse RDP vulnerabilities in the Apache Guacamole. Apache Guacamole is a…
Microsoft has released patches to fix two remote code execution vulnerabilities in Microsoft Windows Codecs Library. HEVC or Windows codecs…
It has been 12 years since the inception of SecPod, The Company that aims towards implementing "Cyber Hygiene" across enterprises.…
The term data breach refers to any misfortunate event where confidential information is exposed to unauthorized users. Such incidents not…
Software Deployment, an ongoing IT administrator routine Organizations are growing at a faster pace these days, and so are their…
COVID19 has taught the world the powerful lessons on personal hygiene. Given that work from home culture is turning out…
Complexity in Anti Virus, Cybersecurity is a significant aspect of concern for any business today. People running businesses often feel…
Treck TCP/IP is a high-performance TCP/IP protocol suite designed for embedded systems. A set of 19 critical and high-severity security…
As the world fights for its survival against COVID19, most of us are now extra conscious about our hygiene. During…
Adobe has released critical security updates to its products like Adobe After Effects, Illustrator 2020, Adobe Campaign Classic, and…
Passwords are the key to unlock your identity. However, there are attackers who are always there to steal your confidential…
The Server Message Block Protocol (SMB protocol), which runs over TCP port 445, is a client-server communication protocol for sharing…
Microsoft Patch Tuesday June 2020 has released June Patch Tuesday, security updates with a total release of 130 vulnerabilities in…
Although the ransomware types took a nosedive in terms of the victim count years ago, it’s still alive and kicking.…
The SAP Adaptive Server Enterprise (ASE), previously known as Sybase SQL Server, is a high-performance relational database server that can…
Two critical vulnerabilities were recently disclosed by Cisco Talos in the widely used video conferencing software Zoom. It can be…
The IT giant, Apple has quietly patched a zero-day vulnerability which was recently discovered by a team of cyber-security researchers…
Every organization has its own IT Assets and IT asset control can be done by the internal team by using…
Apple Security Updates May 2020 released security updates for multiple products. A total of 59 vulnerabilities addressed. The exploitation of…
COVID 19 has bought a lot of changes to the world. Various industries have evolved from their regular work pattern…
A new vulnerability in the architecture of the global Domain Name System (DNS) was brought to light. By a team…
Patching is one of the best security practices followed to fix software vulnerabilities. Studies show that much serious ransomware like…
![Read more about the article [Product Release] Check out what’s new in SecPod SanerNow 4.5.0.0](https://www.secpod.com/blog/wp-content/uploads/2020/05/Featured-Banner.png)
Release notes SanerNow 4.5.0.0 brings several enhancements to the Patch Management (PM) module along with a few product performance improvements.…
Adobe had released security updates providing fixes for 16 critical vulnerabilities in Adobe Acrobat, Reader, and Adobe DNG Software Development…
Microsoft Patch Tuesday, May 2020, has released May Patch Tuesday security updates, addressing a total of 111 vulnerabilities in the…
Cisco has rolled out May 2020 security patches for eleven different products using auto patching. Advisories released for Cisco Adaptive…
Chris is an IT administrator working for a large enterprise with multiple remote offices. Chris deals with numerous system issues…
SaltStack Salt is a very popular open-source remote task and configuration management framework widely used in data centers and cloud…
Although its not a Patch Tuesday, Adobe has released some of the emergency security updates to its products like…
Microsoft released an out-of-band security update addressing multiple vulnerabilities that plug remote code execution vulnerabilities in an Autodesk FBX library…
A Live Webinar on “How Blue Hat Cyber Automates Patch Management Using SecPod SanerNow” Patch management is not an easy…
A security researcher recently uncovered four vulnerabilities in IBM Data Risk Manager and publicly disclosed them following a refusal from…
As the global pandemic, COVID-19 is hitting the world hard, organizations' workforces are now working from home. No company can…
Oracle has released 397 new security patches as a part of their quarterly update cycle, out of which 262 vulnerabilities…
Microsoft Security Bulletin April 2020 has released April Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the…
I am Nicole Fernandes, an ex-Christite started my career at SecPod Technologies during the final semester of my MCA course.…
According to many organizations, practicing healthy cyber hygiene measures is a difficult task. IT administrators try their best to implement…
Coronavirus, COVID-19, or SARS-CoV-2 has turned the lives of people across the globe into a nightmare. Attackers have utilized the…
Mozilla fixed two critical zero-days in its popular web browser, Firefox. Using a vulnerability management tool. Mozilla is aware of…
I have been interested in learning about biological systems for a few years now, generally about the human body and…
Apple finally released Security Updates in March 2020 for multiple products today. A total of 49 vulnerabilities were addressed. However,…
Microsoft and its updates are of utmost interest to the security community during the second Tuesday of every month, the…
COVID-19 has spread across the globe and has forced organizations to embrace work from home culture. We too were faced…
How to secure Java code? Every software developer must follow certain standards and practices while coding and writing, secure code…
At SecPod, we strive towards delivering the solution to enhance user experience. SanerNow 4.4.0.0 comes with a bundle of new…
Recent attacks involved the exploitation of security holes in Trend Micro's enterprise security products. Trend Micro issued a critical security…
Adobe released a security update for the widely used Acrobat and Reader. This Adobe security bulletin includes a total of…
Never wanted to get into Technology I know it wouldn't be very nice to give this statement at first, as…
What is Solaris? Why should you use it? Solaris is a Unix-based operating system developed by Sun Microsystems, which was…
Microsoft disclosed details of a critical wormable flaw in SMBv3. This flaw can be used by attackers to deliver wormable…
Researchers have discovered another interesting vulnerability in the line of speculative execution attacks in Intel processors. This vulnerability named Load…
Microsoft Patch Tuesday March 2020 has released March Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the…
Researchers have uncovered a serious vulnerability (CVE-2019-0090) in Intel's CSME, which is unfixable and allows compromise of the hardware too.…
A critical 17-year-old remote code execution bug was discovered in pppd (Point to Point Protocol Daemon). PPPD is used to…
As an initiative to celebrate International Women’s day at SecPod, we brainstormed and gathered a lot of ideas. Starting from…
A critical vulnerability named Ghostcat was recently discovered in Apache Tomcat Servers. Apache Tomcat is a software used to deploy…
Cisco has released updates for a set of vulnerabilities. These vulnerabilities include six high severity and six medium severity vulnerabilities.…
Microsoft rightly predicted that systems vulnerable to CVE-2020-0688 could be an attractive target. For attackers, this vulnerability could soon…
In a bid to fix three new vulnerabilities in its browser, Google has issued updates for Chrome on all the…
Microsoft released updates for Patch Tuesday a week ago. A few users who installed the updates encountered missing files and…
Fox Kitten Campaign has hit the headlines recently, but has a longstanding history of cyber espionage. Researchers from ClearSky discovered…
Intel patched a high-severity bug in the CSME subsystem, allowing an attacker to escalate privilege, disclose information, and deny service. Intel…
Adobe released security advisories providing fixes for 35 critical vulnerabilities. These were detected using a vulnerability scanning tool. A total…
Microsoft has released February Patch Tuesday security updates, addressing a total of 101 vulnerabilities in the family of Windows operating…
RobbinHood is a relatively new ransomware that was first spotted in April 2018. A distinct feature of this ransomware is…
Fig 1: Image credit: zdnet.com Armis Security Inc., a cybersecurity firm based in the United States, has discovered five critical…
Lemon Duck is a monerocrypto-mining malware. This malware was first spotted in China but has hence spread to other parts…
RYUK is a ransomware that was first spot in the year 2018 and distribute as a part of a…
A new vulnerability was discovered in the sudo utility which allows an unprivileged user to gain root privileges without authentication.…
Researchers have discovered a critical remote code execution bug in OpenSMTPD email server. This flaw in OpenSMTPD, OpenBSD email server,…
Apple Security Updates January 2020 released security updates for multiple products today. A total of 46 vulnerabilities addressed. Exploitation of…
The news of numerous exploits on Citrix ADC(formerly NetScaler ADC) has been hitting the headlines lately. A total of 550,000…
Cisco FMC released a set of security updates which include one critical, seven high severity, and nineteen medium security advisories.…
Microsoft has released an emergency advisory for an unpatched zero-day vulnerability in Internet Explorer. A vulnerability management tool can detect…
The release of Microsoft Patch Tuesday updates for January 2020 brought to light a critical vulnerability in Microsoft Windows CryptoAPI.…
Microsoft Patch Tuesday January 2020 has released January Patch Tuesday security updates today, fixing 49 common vulnerabilities and exposures (CVEs)…
Cisco has rolled out security patches for fourteen different products. Advisories released for Cisco Webex Video Mesh and Cisco IOS…
Mozilla released two consecutive security advisories to address the vulnerabilities in Firefox and Firefox ESR. The latter is a critical…
Cisco released security updates for Cisco Data Center Network Manager (DCNM), a platform for managing Cisco's data center deployments, switches…
Artificial intelligence and computer vision fall in the category of top 10 buzzwords of modern day computing. An opensource platform…
Cisco noticed a steep rise in the exploitation attempts of a critical vulnerability in Cisco Adaptive Security Appliance (ASA) and…
Drupal is a free, open-source software that can easily create and manage many types of Web sites. Drupal also includes…
In the Apple Security Updates December 2019, Apple has rolled out security patches for various products. There are a total…
Adobe released its December 2019 Security Updates addressing 25 vulnerabilities in Adobe Acrobat and Reader, Photoshop CC, Brackets and ColdFusion. Seventeen…
Microsoft Security Bulletin December 2019 released its monthly set of security updates today. The December 2019 Patch Tuesday fixed a…
A new vulnerability(CVE-2019-14899) was discovered in Linux and Unix-like systems, allowing an attacker in the adjacent network to inject data into the TCP stream and hijack…
OpenBSD is a free and open-source Unix-like operating system based on the Berkeley Software Distribution (BSD). It is widely regarded…
EmbedThis GoAhead is a simple and compact embedded web server which can be used to efficiently host embedded web applications.…
Mozilla has released security updates for Firefox, Firefox ESR and Thunderbird. Eleven vulnerabilities were identified and fixed in Firefox and…
Oracle's E-Business Suite is a collection of enterprise resource planning (ERP), customer relationship management (CRM), and supply-chain management (SCM) computer…
Spearphishing is a key weapon for attackers these days. Spam emails with malicious decoy documents are a dime a dozen.…
Does the name ZombieLoad ring a bell with you? A new variant of the infamous ZombieLoad attack is around. ZombieLoad…
Adobe has released security updates as a part of its monthly cycle Adobe Security Updates November 2019. There are a…
Microsoft Patch Tuesday November 2019 publicizes November Patch Tuesday security updates today, using a vulnerability management solution, fixing 74 common…
Bluekeep is an exploit not unheard of. But, it is only in the recent times that an active exploitation of…
QSnatch, the new malware in town has already affected thousands of devices and wouldn't call it quits. This malware was…
In the release of Cisco Security Updates in November 2019, A new set of vulnerabilities identifying and fixed by Cisco,…
Google released an emergency update for Chrome warning that an exploit exists in the wild. Two vulnerabilities are rated high…
Apple has released a set of security updates for the second time this month. The updates include fixes for vulnerabilities…
PHP FPM (FastCGI Process Manager) is an advanced PHP FastCGI implementation with added features and is very useful for…
Mozilla Firefox and Google Chrome Vulnerabilities Mozilla Firefox Vulnerabilities They released updates for Firefox and Firefox ESR. Thirteen vulnerabilities were…
A critical vulnerability was discovered in the Linux Kernel which allows attackers to crash the operating system or completely take…
Cisco released 29 updates to address the vulnerabilities in its products. There is one critical vulnerability that was addressed in…
019 Oracle has released 219 new security patches as a part of the October 2019 update cycle. 142 vulnerabilities are…
Adobe released out of band patch security updates for four products. These updates addressed a total of 82 vulnerabilities. 46…
Linux users, beware! One of the most powerful and well known command line utility, sudo, could aid users to gain…
Apple released security updates a week ago which included a fix for a zero-day vulnerability. Morphisec discovered active exploitation of…
. iTerm 2 vulnerability is causing problems as it is one of the most popular macOS terminal emulators and is…
Apple released a set of Apple security updates October 2019 for its products this month. There are a total of…
Microsoft Patch Tuesday October 2019 security updates today Remediating 60 common vulnerabilities and exposures (CVEs) in the family of Windows…
Foxit has released a security advisory for Foxit Reader. There are eight high severity bugs that were fixed in this…
Exim is the most used MX server with more than 57% of installations on mail servers reachable on the Internet.…
A critical remote code execution (RCE) vulnerability affecting one of the widely used internet forum software vBulletin vulnerabilities has been…
Apple has released a set of Apple Security Updates September 2019 to address the vulnerabilities in its products. There are…
Adobe released security updates for three vulnerabilities in ColdFusion. Two vulnerabilities rated critical for arbitrary code execution and one rated…
Microsoft has released out-of-band security updates to fix a critical remote code execution vulnerability in Microsoft Internet Explorer being exploited…
Google has released urgent updates for 4 vulnerabilities. One of the vulnerability is rated Critical and the other three are…
phpMyAdmin is a free tool millions worldwide use to manage MySQL and MariaDB databases over the web. Joomla, WordPress, etc.,…
Microsoft Patch Tuesday, September 2019 released its Patch Tuesday security updates today, revised 80 common vulnerabilities and exposures (CVEs) in…
Exim is a message transfer agent (MTA) which runs on Unix-like systems. Exim is widely in use as a mail…
Samba is a file share server that is a re-implementation of the SMB protocol. Apart from being a server for…
Apple has released an emergency patch CVE-2019-8605 to fix a flaw in the kernel component. Reports indicate that Apple had…
Squid is an open-source web caching and Internet proxy application which is widely used for speeding up the webserver and…
What is HTTP/2 ? HTTP/2 is an updated version of the HTTP protocol and was released in 2015. After the…
Adobe released its monthly set of security updates to address the vulnerabilities in its products. This month in august 2019…
Microsoft Security Bulletin August 2019 is back with its monthly set of security updates, addressing a total of 96 vulnerabilities…
SQLite is a cross-platform relational database management system. It is known to be the most used database engine in the…
ProFTPd is an open-source, cross-platform FTP server and is one among the most popular FTP servers used in Unix-like environments.…
Apple released a set of Apple security updates July 2019 to address vulnerabilities in its various products. About 49 vulnerabilities…
Exams were round the corner and I had a crucial decision to make - accept the job offers that I…
Some facts before you read further: 1) Zoom client installed on 4 million Mac computers worldwide. 2) Zoom client on…
Microsoft Patch Tuesday July 2019 released its monthly set of security updates today. 77 vulnerabilities were addressed in these updates…
A critical vulnerability has been discovered recently in QEMU (Quick Emulator). Beware of the Command execution vulnerability that exists in…
Privilege Escalation Vulnerabilities are a dime a dozen these days. But what if an attacker could take control of an…
A campaign targeting government organizations in Central Asia was discovered delivering a backdoor named HAWKBALL Exploit. This backdoor can collect…
image credit: blogs.oracle.com Oracle has released an out-of-band security update to address a critical oracle weblogic server deserialization RCE. A…
Exim, one of the most popular open-source mail transfer agents (MTA) in Linux systems, is now being exploited by attackers…
Today, Microsoft Patch Tuesday June 2019 has released its monthly set of security advisories for vulnerabilities that have been identified…
Code Red! To all the Linux users out there, you have a high probability of getting your system hacked if…
VLC released a minor update for Vetineri, the 3.0.x release line of VLC Media Player. This has been considered an…
Credits : thehackernews.com Patch Tuesday is just around the corner and SandboxEscaper has continued to drop exploits one after another.…
With just a week gone by after Patch Tuesday, an anonymous researcher identified as SandboxEscaper found this to be the…
A new set of security vulnerabilities have put major tech giants and security researchers on the run. Just a set…
Alpine Linux is a simple and resource efficient OS which was built based on muscl and Busybox. Due to these…
It's Microsoft Patch Tuesday May 2019 again! And this time, the security updates have addressed a total of 79 vulnerabilities…
Image Credit: threatpost.com A remote code execution vulnerability exists in Microsoft SharePoint. This vulnerability, tracked as CVE-2019-0604 was reported by…
Oracle released the quarterly critical patch updates in April 2019. And in less than a week, a zero-day (CVE-2019-2725) was…
A Zero-day vulnerability is in discovery by Internet Explorer that can allow attackers to steal files from Windows systems. The…
While we all breathed a sigh of relief after patching our systems against the two zero-days reported in the April…
Adobe brought out its monthly set of security updates to address the vulnerabilities in its products. This month's release consists…
Microsoft Security Bulletin April 2019 is back with its monthly set of security updates, addressing a total of 75 vulnerabilities…
A Critical 19-year-old remote code execution vulnerability has been identified in the WinRAR, which is currently being actively exploited in…
Microsoft Patch Tuesday March 2019 is back with its monthly set of security updates and brings with it 64 vulnerabilities.…
Microsoft Security Bulletin February 2019 released its monthly set of security updates to address the vulnerabilities in its products today.…
Microsoft Patch Tuesday January 2019 released its monthly set of security updates to address the vulnerabilities in its products today.…
Spectre and Meltdown vulnerabilities are one of the most significant known hardware vulnerabilities that affect the modern computer processors. Meltdown…
Microsoft Security Bulletin December 2018 released its monthly set of security updates to address the vulnerabilities in its products today.…
Image Source: wikimedia.org Apple Security Updates December 2018 released a set of security updates for its products this month. There…
Overview: By default, updates for Click-To-Run installations of MS Office 2013 and 2016 are not offered by Microsoft through Windows…
January 2018 saw the rise of Meltdown and Spectre vulnerabilities concerning speculative execution side channels. A subclass of speculative execution…
This November, Microsoft Patch Tuesday November 2018 released monthly security patches covering total 63 vulnerabilities, with 12 of them rated…
Overview Microsoft has re-released a patch for CVE-2017-8529 to fix a print issue related to this vulnerability. The patch is…
Adobe, this Tuesday as always released its security updates October 2018 monthly set of security advisories for vulnerabilities that have…
Today, Microsoft Patch Tuesday October 2018 has released its monthly set of security advisories for vulnerabilities that have been identified…
Today, Microsoft Patch Tuesday September 2018 has released its monthly set of security advisories for vulnerabilities that have been identified…
Saner 4.1 unveils feature-packed release for Patch Management and encompasses performance optimization in all the tools. It offers patch rollback…
A critical remote code execution vulnerability affecting the popular web application framework Apache Struts has come to light. The vulnerability…
Adobe, This Tuesday as always released its security updates August 2018 monthly set of security advisories for vulnerabilities that have…
Today, Microsoft Security Bulletin August 2018 has released its monthly set of security advisories for vulnerabilities that have been…
Today, Microsoft Patch Tuesday, July 2018, has finally released its monthly set of security advisories for vulnerabilities that have been…
Adobe, This Tuesday as always released its security updates July 2018, monthly set of security advisories for vulnerabilities that have…
Microsoft Edge and Mozilla Firefox browsers have been identified to have a severe bug that can allow remote attackers to steal…
Computers are alive and talking and exchanging ideas and walking around and driving cars and writing poems but, yeah that's…
When I had just joined SecPod, I had this question lingering in my mind as to what it meant to…
Today Microsoft Patch Tuesday June 2018 released regular monthly patches, fixing a total of 50 vulnerabilities. Among these Microsoft rated…
Adobe on Monday released security advisories for its Acrobat and Reader, and Photoshop products. These advisories address 48 vulnerabilities , with…
Today, Microsoft and Adobe have released their monthly set of security advisories for vulnerabilities that have been identified and addressed…
Five hours! Five hours! That's how long it took for hackers to exploit Drupal vulnerability (CVE-2018-7602) after the patches came…
Oracle WebLogic Deserialization RCE Server is a Java EE application server currently in development by Oracle Corporation. A configured instance…
More than a million active websites use Drupal, making it the second most used content management system worldwide after Wordpress.…
Adobe, This Tuesday as always released its security updates April 2018 monthly set of security advisories for vulnerabilities that have…
Microsoft Security Bulletin April 2018 Today, Microsoft Security Bulletin April 2018 has released its monthly set of security advisories for…
Image courtesy: maketecheasier.com Need help to fix your Windows PC? Well, Windows Remote Assistance (MSRA) has a lot to offer than…
Tech giant Adobe released security updates march 2018 patching up critical and important security holes in its Dreamweaver CC, Adobe…
Today Microsoft released regular patches fixing a total of 75 vulnerabilities. Among these Microsoft rated 14 CVEs as Critical and…
After last year's Service Message Block (SMB) ultra-shock, this year, a new denial-of-service vulnerability is present in SMBv3, which is…
Adobe, one of the most admired Tech firms today, released security updates February 2018 patching up critical, important and moderate…
This valentine's day Microsoft Security Bulletin February 2018 released security patches addressing a total of 50 security vulnerabilities in various…
A new critical Adobe Flash Player zero-day vulnerability reported in the wild. The vulnerability identifies as CVE-2018-4878 is actively believed to be being…
Oracle Micros POS is a hospitality management platform providing enterprise point-of-sale (POS) and back-office functionality to support a wide range…
Image Source: www.digitaltrends.comApple released security updates this week, which affects macOS High Sierra, OS X El Capitan, iPhone, iPad, iPod,…
Start of this new year, Meltdown and Spectre kept us busy. Today Microsoft Patch Tuesday, January 2018, released regular patches…
Two new critical vulnerabilities discovered affects every processor since 1995, which allow malicious programs to steal information from other programs'…
Microsoft fixed two critical remote code execution vulnerabilities (RCE Vulnerability), reported in 'Microsoft Malware Protection Engine'. Microsoft Malware Protection Engine scans…
Microsoft patch update December 2017 Patch Tuesday addresses 32 security vulnerabilities in six of its main product categories. Among these 20 CVE’s are rated…
Image Source: thestack.comIntel identified eight security vulnerabilities and released a security advisory last week, affecting Intel core CPU technologies Intel…
A serious security flaw affecting all versions of Microsoft Office has been discovered by security researcher Lino Antonio Buono. The…
Microsoft Patch Tuesday, November 2017, addresses 53 security vulnerabilities in six of its main product categories. Among these, 19 CVEs…
Adobe Security Updates November 2017 has unleashed security patches for most of its major products in its November security updates.…
A major ransomware attack named "BadRabbit" is disrupting systems across Europe. The attack has been spreading wildly. BadRabbit locks out…
Source: thehackernews.comReturn of Coppersmith’s Attack, or ROCA Attack for short, is a cryptographic weakness in generating RSA keys that allows the…
Introduction 2017 security breaches and Security attacks happen routinely, costing companies millions of dollars, along with a decline in their…
Adobe has released a critical security patch (APSB17-32) for Adobe Flash Player. This update addresses a critical type confusion vulnerability…
A major new security flaw has been discovered and it affects practically every device that uses Wi-Fi. Its called KRACK…
Over 5.3 billion devices across Windows, Linux, ios, and Android are affected by a new attack vector called BlueBorne Attack.…
Microsoft Patch Tuesday October 2017 addresses 62 security vulnerabilities in eight of it’s main product categories. Among these 28 CVE’s…
Apache Wicket is an open-source, server-side, Java web application framework and used by quite a few big sites. It is…
Piriform CCleaner is a system cleanup tool by Piriform, which is now owned by Avast. A suspicious activity identified on…
Microsoft Patch Tuesday September 2017 released total of 94 individual security updates addressing total of 84 CVE's, in addition to…
Adobe has released four security updates for Adobe Flash Player (APSB17-28), Adobe RoboHelp(APSB17-28), and Adobe Cold Fusion (APSB17-30) which covers…
A critical remote code execution vulnerability recently discovered in the popular Apache Struts web application framework allows a remote attacker…
VisualDiscovery is an Adware program by SuperFish.inc. VisualDiscovery was able to access consumer's personal information sent online, including login credentials,…
Foxit reader is prone to two remote code execution zero day vulnerabilities, found by Steven Seeley (mr_me) and Ariele Caltabiano…
Image Source: pcworld Ever wonder why your system running slower than usual, and how those annoying random messages pop up? or…
SMBLoris is a remote, unauthenticated application-level denial of service (DoS) attack against Microsoft Windows operating systems. A vulnerability of this…
Microsoft August 2017 Patch Tuesday addresses 48 security vulnerabilities in six of it's main product categories. Amoung these 25 CVE's…
Adobe has released four security updates August 2017 for Adobe Flash Player (APSB17-23), Adobe Experience Manager (APSB17-26), Adobe Acrobat and…
Oracle has released 308 security updates as part of the quarterly patch release cycle. The Oracle Critical Patch Update –…
Microsoft Patch Tuesday, July 2017, Finally addresses 51 security vulnerabilities and three vulnerabilities for Adobe Flash Player. However, 19 vulnerabilities…
Adobe has released two adobe security bulletins for Adobe Flash Player (APSB17-21) and Adobe Connect (APSB17-22) which covers a total of…
As stated in the IoT Ransomware Attacks - Part 1 IoT ransomware is not just holding your data hostage, it…
Yet another large scale widespread ransomware attack immobilized many organizations around the world. Last month we had seen the infamous…
Saner 3.0 provides new administrative controls, consolidated reports across all clients, additional endpoint probes, scaling/performance improvements, and a variety of…
Ransomware has already managed to carve itself a slot as one of the main cyber security threats in recent years.…
Microsoft Patch Tuesday June 2017 addressed 97 security vulnerabilities including two critical vulnerabilities. Windows Search Remote Code Execution (CVE-2017-8543) and…
Adobe has released three security updates for Adobe Flash Player (APSB17-17), Adobe Shockwave Player (APSB17-18), Adobe Captivate (APSB17-19) and Adobe Digital Editions…
There may be a possible 'second wave' of massive global cyber attack, as SMB (Server Message Block) . It was…
In the first week of April 2017, an unknown hacking group called Shadow Brokers leaks an exploitation framework named FuzzBunch. From…
A 7-year-old Critical Remote Code Execution vulnerability has been found in Samba networking software that could allow a remote attacker…
The Blackhats have created a new strain of malware that targets the same vulnerability as the WannaCry ransomware from the…
Apple Security updates May 2017 fixed 141 vulnerabilities across multiple products including macOS Sierra, iOS, watchOS, tvOS, iCloud, Safari, and…
In the last few days, we saw how “WannaCry” ransomware crippled 3 million Windows systems around 150 countries. To understand…
WannaCry (also known as Wana Decrypt0r 2.0, Wannacryptor, WannaCrypt, wana Decryptor) ransomware disrupts 2-3 million devices in around 150 countries,…
Strbleed or StringBleed is a critical flaw in implementing Simple Network Management Protocol (SNMP). It leads to an access-control bypass,…
The Magic Button There is a magic button that is going to save us all. Mathematical modeling, sandboxing, behavioral analysis,…
Microsoft Patch Tuesday May 2017 addressing 56 security vulnerabilities in addition to 7 vulnerabilities for Adobe Flash Player. The Microsoft…
Adobe Security Updates May 2017 has released two security updates for Adobe Flash Player, and Adobe Experience Manager Forms using…
Over the past few years, enterprises have been hit by complex and advanced ransomware attacks. With a heroic entry, they…
Oracle has released 300 security updates as part of the quarterly patch release cycle. The Oracle Critical Patch Update –…
In the third and final part of this series, we will explore Cerber, the most devious ransomware, and its behavior…
Let's continue from where we left off last week, and will go through the behavior patterns of the next versions…
Breaches continue to occur regardless of existing tools. In Feb 2017, a hack compromised the account details of more than…
Cerber is pernicious ransomware and one of the top 3 ransomware in the world. Cerber has been growing exponentially since…
Image Credit: Cybellum A 15-year-old Microsoft Windows Zero-Day vulnerability, dubbed as DoubleAgent, has been discovered by using a vulnerability scanning…
Microsoft Patch Tuesday March 2017 brings 18 Security bulletins addressing 139 security vulnerabilities in addition to 7 vulnerabilities for Adobe…
Adobe has released a critical security patch for Adobe Flash Player. The patch addresses seven (7) flaws including multiple code execution vulnerabilities.…
The Model-View-Framework Apache Struts2, an open source and free framework for simplifying the creation of web applications in Java recently…
Secure Hash Algorithm 1, or SHA-1, is a cryptographic hash function designed by the National Security Agency to be part…
(Image source: WordPress ) WordPress, the easiest and most powerful blogging and website content management system, has silently fixed a…
A new zero-day exploit exists in the wild for Windows SMB. Security researcher Gaffie discovered this vulnerability three months ago.…
Adobe has released three security updates for Adobe Flash Player (APSB17-04), Adobe Digital Editions (APSB17-05), and Adobe Campaign (APSB17-06) which covers a total…
Adobe updates January 2017 has released two critical security updates for Adobe Acrobat and Reader (APSB17-01) and Adobe Flash Player (APSB17-02)…
Microsoft January 2017 Patch Tuesday brings 4 Security bulletins addressing 16 Vulnerabilities. One bulletin is rated as Critical and three are…
Ransomware was a popular topic in 2016. Ransomware attacks have become complex, targeted, and sophisticated. Many organizations infected with ransomware…
Saner Solution 2.3 provides many new features and capabilities, including full support for Mac OS X systems. The Saner solution…
Privilege escalation is the method of exploiting a bug, design flaw, or configuration issue in an operating system or software…
Microsoft December 2016 Patch Tuesday brings 12 Security bulletins addressing 62 Vulnerabilities. Six bulletins are rated as Critical and remaining…
Adobe has released four critical Security Updates December 2016 for Adobe Animate (APSB16-38), Adobe Flash Player (APSB16-39), Adobe DNG Converter (APSB16-41), Adobe InDesign (APSB16-43) and…
A new massive threat is making its rounds in the security world. A tricky yet nasty piece of ransomware called…
Linux distributions are one of the most popular and commonly used operating systems. All Linux distributions including Debian, Ubuntu, Fedora,…
Weak Password: Access Granted The world saw two major hacks recently – Yahoo and LinkedIn. While LinkedIn compromised 117 million…
USB Scam: An Unsuspicious Attack in Action Security researchers Karsten Nohl and Jakob Lell at the Black Hat security conference…
Adobe has released one critical security update for Adobe Flash Player (APSB16-37) and one security update for Adobe Connect (APSB16-35).…
Microsoft Patch Tuesday November 2016 brings 14 Security bulletins addressing 75 Vulnerabilities. Six of which are rated as Critical, eight…
Google discloses a Windows zero-day vulnerability in the Windows kernel. That is currently in exploitation in the wild by Black…
Dirty COW vulnerability(CVE-2016-5195) is a privilege escalation in the Linux Kernel, which allows an unprivileged local user to gain write…
Ransomware continues to be popular among cyber criminals. According to a CNN report, cyber criminals collected over $209 million in…
The Dangers of Drive-By Download Attack Drive-by-downloads are harmful pieces of software that are downloaded to an endpoint device as…
The Great Perils of FPhishing Every year, many organizations fall victim to phishing attacks. Tens of millions of phishing emails…
Adobe has released two critical security updates for Adobe Flash Player (APSB16-32), Adobe Acrobat and Reader (APSB16-33) and one security…
Microsoft Patch Tuesday October 2016 brings 10 Security bulletins addressing 37 Vulnerabilities. Six bulletins are rated as Critical, three…
Adobe has released three security updates for Adobe AIR SDK & Compiler (APSB16-31), Adobe Flash Player (APSB16-29), and Adobe Digital Editions (APSB16-28) which covers…
Microsoft Microsoft Patch Tuesday September 2016 brings 14 Security Bulletins addressing a total of 50 vulnerabilities. Seven Security Bulletins are…
The main highlight of this release is the extension of our features to various Linux flavors such as CentOS, RHEL,…
OpenSSH is a free suite of connectivity tools, aka OpenBSD Secure Shell, which provides secure encryption for remote login and file…
One of the major and serious threats on the internet today is malicious software, often called Malware. Malware, a short…
This month Adobe has released important adobe security advisories only for Adobe Experience Manager (APSB16-27). The security update for Adobe…
Microsoft August 2016 Patch Tuesday brings 9 Security Bulletins addressing a total of 34 vulnerabilities. Five Security Bulletins are rated as…
Understanding Saner Solution Saner Solution consists of three components namely- Ancor, Viser, and End-point Agents. Ancor is the Analytics and…
What would it be like if an Endpoint and Saner communicated? Endpoint: Someone entered? Saner: Hello Endpoint! I am…
Adobe has released critical security updates for Adobe Flash Player (APSB16-25), Adobe Acrobat and Reader (APSB16-26) and Adobe XMP Toolkit…
ImageMagick is an open-source software suite that can be used to create, edit and display bitmap images from the command…
Adobe has released critical security updates for Adobe Flash Player(APSB16-18), Adobe DNG SDK(APSB16-19), Adobe Brackets(APSB16-20), Adobe Creative Cloud Desktop Application(APSB16-21), ClouFusion (APSB16-22), Adobe AIR(APSB16-23)…
Microsoft Patch Tuesday June 2016 brings 17 Security Bulletins addressing a total of 82 vulnerabilities. Six are rated as Critical and…
A new vulnerability has been discovered by Ben Hayak, a researcher at Trustwave, at Black Hat Europe in Amsterdam, that can…
SecPod Saner 2.1 provides exciting new features and bug fixes. Features include much more robust reporting, automated alerts, threat visualization,…
Today’s sophisticated and complex malware targets all industries, and the healthcare industry is becoming a popular choice amongst attackers. Healthcare…
Advanced Persistent Threat (APT) is a network attack in which an attacker chooses a particular target, and uses social…
Microsoft May 2016 Patch Tuesday brings 16 Security Bulletins addressing a total of 37 vulnerabilities. Eight are rated as Critical and…
Adobe has released critical security updates and hotfixes for ColdFusion, Adobe Flash player, Adobe Acrobat and Reader, which covers a total…
Patch fatigue is a term that’s buzzing amongst IT managers due to the devastating number of patches enterprises need to…
A new ransomware has risen. Known as Jigsaw Ransomware, it is named after the iconic character that appears in the…
DROWN (Decrypting RSA with Obsolete and Weakened Encryption): OpenSSL is an open source application which contains implementation of SSL (Secure…
PowerWare, a new ransomware has been detected, which leverages Windows PowerShell to-do the work. The ransomware targets enterprises using Microsoft…
Strengthening resilience to attacks is the emphasis for security professionals nowadays. Though defenders are inventing technologies and tactics that are…
Ransomware has been continuously evading the security industry. And now they have hit the Mac world too. Mac OS X…
Adobe has released critical security updates for RoboHelp server 9, Creative Cloud desktop application, and Flash Player, which covers a total of…
Microsoft April 2016 Patch Tuesday brings 13 security bulletins including one bulletin for Adobe Flash Player, addressing a total of 29 vulnerabilities. Microsoft also…
Data breach responders work to recognize the source of the breach, use knowledge and technique to prevent/ fix a breach.…
The new version of the PCI Data Security Standard is expected to be released by the PCI Security Standards Council…
It is ideally after a post attack scenario when the blame game starts as to who is to be held…
Oracle has released an emergency security update for Java SE (CVE-2016-0636) running in desktop web browsers. Advisory addresses an unspecified vulnerability(CVE-2016-0636)…
A critical vulnerability found in Samba which affects all Windows platforms, termed as badlock. It will be patched on April 12,…
According to a recent survey that included approximately 480 IT professionals, effective patch management solution considered to be the easiest…
The world is huMONGOous, as is the amount of data we possess. The above line explains where the word ‘Mongo’…
Partnerships and strategic alliances between technology vendors and Managed Service Providers (MSP) drive sales and bring success to technology firms…
Multi-tenant architecture refers to the mode of operation wherein a single instance of a software application attends to multiple tenants.…
It has been reported that there is a critical bug in glibc. The bug discovered in glibc has been present…
Adobe has released critical security updates February 2016 for Experience Manager, Connect, Flash Player, Photoshop CC and Bridge CC. These updates…
Microsoft Security Bulletin February 2016 Patch Tuesday bring 13 Security Bulletins, which is addressing 37 vulnerabilities. Six are rated as Critical and…
AUGMENTED REALITY Augmented Reality is a sort of virtual reality that aims to duplicate the actual world's environment in a…
Corporate Espionage is the practice of stealing and unauthorized revealing of corporate data to other companies, government or individuals. Competitor…
CVE-2016-0728 is the latest zero-day flaw in the Linux kernel which affects millions of users across the world. The Linux…
As a firm grows, it’s important to adopt more stringent security measures to protect its business from unwanted threats, risks,…
The increased cost and complexity of securing the business IT infrastructure has opened the door for managed security service providers…
Small and medium size businesses mainly known as SMBs are focused towards growing. Spending on security software is not one…
2016 Security Predictions Every cyber experience that we encounter, be it success or failure is a learning lesson. A learning…
5 Endpoint Security Myths Protecting a central corporate network when it is being accessed through various endpoints such as mobile…
Adobe released critical security patch for Adobe Flash Player. The patch address Nineteen (19) flaws including multiple zero day vulnerabilities and CVE-2015-8561 is…
Microsoft Security Bulletin December 2015 Patch Tuesday brings 12 security bulletins which is addressing 71 vulnerabilities. Eight are rated Critical and 4…
Microsoft Patch Tuesday October 2015 bring six security bulletins which is addressing 33 vulnerabilities. Three are rated Critical and 3 are Important.…
Microsoft Patch Tuesday September 2015 brings 12 security bulletins which address 55 CVE's. Four are rated Critical and eight are Important.…
Microsoft Security Bulletin April 2015 Patch Tuesday bring 14 security bulletins which address 60 CVE's using a vulnerability management solution. This…
Microsoft has released an emergency patch update for all versions of Windows. This security update is rated Critical for all…
Microsoft Patch Tuesday July 2015 bring 14 security bulletins which address 58 CVE's using their vulnerability scanning solution. This month…
Bar Mitzvah Attack, a critical vulnerability discovered in Rivest Cipher 4 software stream cipher. A vulnerability management tool can detect this…
SecPod Research Team member (Deependra Bapna) has found Multiple Stored Cross-site. Scripting Vulnerabilities(CVE-2015-4673) in ClipBucket. The vulnerabilities are due to…
SecPod Research Team member (Thanga Prakash) has found Multiple Cross-site Scripting Vulnerabilities and SQL injection vulnerability in WordPress HTML5 MP3…
SecPod Research Team member (Thanga Prakash) has found Multiple Reflected Cross-site Scripting Vulnerabilities in ManageEngine Firewall Analyzer. The vulnerability is…
Microsoft Patch Tuesday June 2015 bring 08 security bulletins addressing a total of 45 vulnerabilities using a vulnerability management tool.…
MS Patch Tuesday May 2015 This Microsoft Patch Tuesday May 2015 released 13 security bulletins addressing a total of 46…
A critical bug dubbed Redirect to SMB has been discovered which is known to affect all devices running any version…
This April another big update from Microsoft, which includes 11 security bulletins addressing a total of 26 vulnerabilities. The high…
SecPod Research Team member (Shakeel Bhat) has found Multiple Stored Cross-Site Scripting Vulnerabilities in Dotclear CMS. The vulnerability is caused…
With all the frightening stories of hackers at Black Hat, I stepped into not-just-yet-another-conference in Singapore. Situated at the plush…
A big Patch Tuesday this month, Microsoft Patch Tuesday March 2015, consisting of total fourteen security bulletins address total of…
In our previous blog post, we promised to keep you informed if FREAK (Factoring attack on RSA-EXPORT Keys) vulnerability affects…
Another potentially dangerous vulnerability called FREAK (Factoring Attack on RSA-EXPORT Keys) is being true to its name and is freaking…
In this Microsoft Security Bulletin February 2015 Patch Tuesday, Microsoft released Nine security bulletins addressing a total of 56 vulnerabilities…
2015 CISCO Annual Security Report feels like a déjà vu. After all the song and dance, there are no surprises.…
A highly critical vulnerability has been found in glibc, the GNU C library, which affects all Linux systems on glibc…
A critical vulnerability known as Ghost Cat Vulnerability is discovered in GNU C Library (glibc) by a vulnerability scanning tool.…
Microsoft patch Tuesday January 2015 brings Eight security bulletins covering a total of eight vulnerabilities. Noticeably, high priority fix…
Last Microsoft Security Bulletin December 2014 Patch Tuesday of this year brings Seven security bulletins covering a total of…
This month Microsoft Patch Tuesday November 2014 has released 14 security bulletins addressing a total of 33 vulnerabilities. The high…
Microsoft Patch Tuesday October 2014 has released Eight security bulletins addressing a total of 24 vulnerabilities. The high priority fix…
Bourne Again Shell (BASH) CVE-2014-6271 is widely used and default command interpreter for many Linux flavors, is prone to a…
Microsoft Patch Tuesday September 2014 was announced this month with Four Security Bulletins addressing a total of 42 vulnerabilities.…
In this Patch Tuesday, Microsoft Patch Tuesday July 2014 released Six Bulletins addressing a total of 29 vulnerabilities. This month…
In this Patch Tuesday, Microsoft Patch Tuesday June 2014 released Seven Bulletins addressing a total of 66 vulnerabilities. The high…
A new flash zero-day (CVE-2014-0515) exploit exists in the wild and used to target Flash Player users on Windows systems.…
Executive Summary FortiGuard Labs has uncovered a new malware strain dubbed Gayfemboy, a Mirai successor that aggressively targets routers and…
Seventeen years is a long time in technology. Startups rise, buzzwords come and go, and entire industries transform in less…
Cybercriminals and advanced persistent threat (APT) actors are increasingly converging on a stealth-first, profit-driven, and persistence-focused model of operations. Recent…
A firmware-level security nightmare is unfolding across millions of Apple devices worldwide. Trusted by governments, cybersecurity professionals, and enterprise organizations…
Attackers no longer need direct access to production systems when they can taint training sets and push models off course.…
Modern software teams are increasingly adopting container technology to deploy applications more efficiently. However, running hundreds of containers at scale…
The cloud has become the backbone of modern enterprises. From running critical business applications to storing sensitive data, organizations are…
The cyber-espionage group Paper Werewolf (also identified as GOFFEE) is exploiting a zero-day flaw in WinRAR to target Russian entities.…
Cybersecurity today is trapped in a paradox. Organizations are investing more than ever in security tools, analysts, and compliance frameworks.…