Firefox Users Urged to Patch Zero Day Following Attack
The zero day - which was actually two zero days chained together - was used in attacks against a popular cryptocurrency exchange on Monday.
The zero day - which was actually two zero days chained together - was used in attacks against a popular cryptocurrency exchange on Monday.
Adobe is urging users to patch 10 vulnerabilities, five of them critical, in three different products this week.
Web browsers, virtualization software, even cars – nothing was off guards last week at Pwn2Own, the annual hacking competition held each year alongside CanSecWest in Vancouver.
A nasty vulnerability in runc, the backbone behind container systems like Docker and Kubernetes, was disclosed on Monday.
A privilege escalation flaw uncovered in Kubernetes could allow attackers to steal sensitive data, inject malicious code, and bring down production apps and services.
Adobe released a security update on Tuesday for Flash Player to resolve a critical vulnerability that could let attackers execute arbitrary code.
An authentication bypass in the SSH library libSSH disclosed this week could allow attackers to takeover vulnerable servers without authentication.
As part of October Patch Tuesday, Microsoft fixed a critical Win32k graphics remote code execution flaw in Windows that was being exploited in a small number of targeted attacks.
It's only Tuesday but if you're a system administrator that allows users to run .PDF readers by either Adobe or Foxit, you're almost certainly having a busy week already.
SAP released its monthly critical patch update for September this week, fixing 14 vulnerabilities, including some that could have allowed users to access restricted data or cause a database server to crash.