Security News

Massive Oracle Critical Patch Update fixes 270 vulnerabilities (Help Net Security)
2017-01-19 17:22

Oracle has released the first Critical Patch Update scheduled for 2017, and it’s massive. It fixes 270 vulnerabilities across multiple products, and over 100 of them are remotely exploitable by...

Oracle Patches 270 Vulnerabilities in Year’s First Critical Patch Update (Threatpost)
2017-01-18 18:26

Oracle patched 270 vulnerabilities, many remotely exploitable, across 45 different products as part of its quarterly Critical Patch Update (CPU) on Tuesday.

Microsoft Patches Two Critical Security Vulnerabilities (Threatpost)
2017-01-10 20:52

Microsoft patched two vulnerabilities rated critical that are tied to Office 2016, its Edge browser and its Local Security Authority Subsystem Service (LSASS).

Should Elections Be Classified as "Critical Infrastructure"? (Schneier on Security)
2017-01-10 12:02

I am co-author on a paper discussing whether elections should be classified as "critical infrastructure" in the US, based on experiences in other countries: Abstract: With the Russian government hack of...

US Voting Systems Deemed Critical Infrastructure (Threatpost)
2017-01-09 17:46

The Department of Homeland Security has designated the U.S. voting infrastructure as critical infrastructure.

Google Patches 29 Critical Android Vulnerabilities Including Holes in Mediaserver, Qualcomm (Threatpost)
2017-01-04 18:33

Google patched a critical hole in its problematic Android Mediaserver component that could have allowed an attacker to use email, web browsing, and MMS processing of media files to remotely execute code.

PHPMailer, SwiftMailer Updates Resolve Critical Remote Code Execution Vulnerabilities (Threatpost)
2016-12-29 19:20

Critical remote code execution vulnerabilities in PHPMailer and SwiftMailer, libraries used to send emails via PHP, were patched this week.

Cisco Warns of Critical Flaw in CloudCenter Orchestrator Systems (Threatpost)
2016-12-23 17:06

Cisco is warning customers of a privilege escalation flaw in Cisco CloudCenter Orchestrator systems that could allow an attacker to gain root privileges on affected systems.

End the air gapping myth in critical infrastructure security (Help Net Security)
2016-12-14 13:30

In an environment where we’re seeing increasing demand for connectivity between operational technology (OT) and IT, security teams have to dispel the air gapping myth to acknowledge that IT...

Netgear Routers Remain Exposed to Critical Flaw (Threatpost)
2016-12-12 19:30

Netgear has confirmed a critical vulnerability in its Nighthawk routers that exposes devices to command injection attacks. A public exploit is available.