Intel Addresses 3 High Severity Vulnerabilities in BIOS of Several Processors

• Post author:Keshav R
• Post published:November 16, 2021
• Post category:Category(Default) - Do Not Use This/Computer Engineering/Endpoint Security/Featured Articles/Patch Management/Security Research and Intelligence/Vulnerability Management
• Post comments:0 Comments
• Reading time:4 mins read

Intel has recently disclosed a short advisory with details of high-severity for 3 CVEs here. They are CVE-2021-0157, CVE-2021-0158, and…

Continue ReadingIntel Addresses 3 High Severity Vulnerabilities in BIOS of Several Processors

Data Breaches are a Major Threat to Endpoint Security : SecPod Talks

• Post author:Dixitha S
• Post published:June 26, 2020
• Post category:Computer Engineering/COVID-19/Cyber Hygiene Framework/Endpoint Security and Management/IT Administrator Issues/Technology and Trends
• Post comments:0 Comments
• Reading time:6 mins read

The term data breach refers to any misfortunate event where confidential information is exposed to unauthorized users. Such incidents not…

Continue ReadingData Breaches are a Major Threat to Endpoint Security : SecPod Talks

Uncovering a three year old Iranian campaign dubbed Fox Kitten

• Post author:Vidita V Koushik
• Post published:February 19, 2020
• Post category:Computer Engineering/Endpoint Security and Management/Technology and Trends
• Post comments:0 Comments
• Reading time:4 mins read

Fox Kitten Campaign has hit the headlines recently, but has a longstanding history of cyber espionage. Researchers from ClearSky discovered…

Continue ReadingUncovering a three year old Iranian campaign dubbed Fox Kitten

Polarbear digs out a new Windows Zero-Day

• Post author:Vidita V Koushik
• Post published:May 24, 2019
• Post category:Computer Engineering/Endpoint Security and Management/Security Research and Intelligence/Technology and Trends
• Post comments:0 Comments
• Reading time:3 mins read

With just a week gone by after the Patch Tuesday, an anonymous researcher identified as SandboxEscaper found this to be…

Continue ReadingPolarbear digs out a new Windows Zero-Day

Dawn of ZombieLoad, RIDL and Fallout : MDS Attacks

• Post author:Vidita V Koushik
• Post published:May 16, 2019
• Post category:Computer Engineering/Endpoint Security and Management/Security Research and Intelligence/Technology and Trends
• Post comments:0 Comments
• Reading time:6 mins read

A new set of security vulnerabilities have put major tech giants and security researchers on the run. Just a set…

Continue ReadingDawn of ZombieLoad, RIDL and Fallout : MDS Attacks

Patch Tuesday: Microsoft Security Bulletin Summary for May 2019

• Post author:Vidita V Koushik
• Post published:May 15, 2019
• Post category:Computer Engineering/Endpoint Security and Management/Security Research and Intelligence/Technology and Trends
• Post comments:2 Comments
• Reading time:5 mins read

It's Microsoft Patch Tuesday May 2019 again! And this time, the security updates have addressed a total of 79 vulnerabilities…

Continue ReadingPatch Tuesday: Microsoft Security Bulletin Summary for May 2019

ALERT: Remote Code Execution Vulnerability in Microsoft SharePoint (CVE-2019-0604)

• Post author:Vidita V Koushik
• Post published:May 9, 2019
• Post category:Computer Engineering/Endpoint Security and Management/Security Research and Intelligence/Technology and Trends
• Post comments:0 Comments
• Reading time:2 mins read

Image Credit: threatpost.com Description: A remote code execution vulnerability exists in Microsoft SharePoint. This vulnerability, tracked as CVE-2019-0604 was reported…

Continue ReadingALERT: Remote Code Execution Vulnerability in Microsoft SharePoint (CVE-2019-0604)

ALERT: Oracle WebLogic Server Zero-day (CVE-2019-2725) in the wild

• Post author:Vidita V Koushik
• Post published:April 29, 2019
• Post category:Computer Engineering/Endpoint Security and Management/Security Research and Intelligence/Technology and Trends
• Post comments:0 Comments
• Reading time:2 mins read

Oracle released the quarterly critical patch updates in April 2019. And in less than a week, a zero-day was found…

Continue ReadingALERT: Oracle WebLogic Server Zero-day (CVE-2019-2725) in the wild

ALERT: Active Exploitation: Windows Elevation of Privilege Vulnerability (CVE-2019-0859)

• Post author:Vidita V Koushik
• Post published:April 22, 2019
• Post category:Computer Engineering/Endpoint Security and Management/Security Research and Intelligence/Technology and Trends
• Post comments:0 Comments
• Reading time:3 mins read

While we all breathed a sigh of relief after patching our systems against the two zero-days reported in the April…

Continue ReadingALERT: Active Exploitation: Windows Elevation of Privilege Vulnerability (CVE-2019-0859)

How to Enable Automatic Update for MS Office 2013 and 2016 Click-To-Run Installations

• Post author:Kumarswamy S
• Post published:November 30, 2018
• Post category:Computer Engineering/SecPod News Updates/Technology and Trends
• Post comments:0 Comments
• Reading time:2 mins read

Overview: By Default, updates for Click-To-Run installations of MS Office 2013 and 2016 are not offered by Microsoft through Windows…

Continue ReadingHow to Enable Automatic Update for MS Office 2013 and 2016 Click-To-Run Installations