Security vulnerabilities stories - Page 24

Urgent call for updates: Apache Struts hit by critical vulnerability, CVE-2017-9805, risking remote code execution.

Traditionally organisations keep bug & vulnerability findings for themselves, but Oracle and Associate Professor Dietrich take a different approach.

Microsoft is offering up to US$250,000 in a new bug bounty program focused exclusively on ironing out the kinks in Windows 10.

A New Zealand security assessment and compliance system has received recognition from the US-based Center for Internet Security (CIS).

Information security can be a noisy place. As a career security guy my experiences have given me a deep understanding of attackers & the enterprise.

You don't hand the keys to the car, the liquor cabinet & the gun rack to a 16 year old. If all users have blanket local admin access it's just as bad.

Much ink is still being expended trying to determine who was responsible for WannaCry and what their motives were. But there's a bigger lesson here.

If you put off installing the latest Apple security updates, now is the time to do it, according to Australian security watchdogs Stay Smart Online.

The New Zealand Internet Task Force (NZITF) has welcomed New Zealand's new Computer Emergency Response Team (CERT) with open arms.

Mobile devices & smart TVs controlled by cyber criminals make scary headlines. There's something scarier – the possibility that routers can be owned.

Ransomware has seen a 752% increase in use over 2016, resulting in $1 billion in losses for enterprises worldwide.

WordPress is encouraging all users to upgrade to its new 4.7.3 version, saying that users of older versions may still be susceptible to cyber attacks.

Ransomware exploit kits are making it easier for attackers to target enterprises, because they're so simple to enact, Trend Micro warns.

Proofpoint and Trend Micro have discovered a large-scale 'malvertising' campaign through Microsoft Edge, enacted by threat actors known as AdGholas.

Security researchers Kaspersky Lab & bug bounty platform Hacker One are co-launching a Bug Bounty Program that offers $50,000 to security researchers.

Asustor enhances security with ADM 2.6.3, introducing two-step verification and updated SAMBA, OpenSSL versions.

Samsung says the flaw is extremely difficult to exploit, but if successful, an attacker could have an enormous amount of access to an affected device.

Check Point Software introduces new security gateway for Industrial Control Systems; aims to prevent cyber attacks on critical infrastructure.

The government review of the Earthquake Commission's funding and policy structures is leaving global reinsurers uncertain as they try to assess the.

The High Court in Wellington has made a number of declarations outlining how the Earthquake Commission can deal with claims stemming from loss of l.