Latest about Vulnerability
Second-ever OpenSSL critical vulnerability teased, 10 years after Heartbleed
By Rory Bathgate published
News All OpenSSL versions beyond 3.0 are at risk, with more details due to be released alongside a patch on 1 November
Apple patches actively exploited iPhone, iPad zero-day and 18 other security flaws
By Rory Bathgate published
News The out-of-bounds write error is the eighth actively exploited zero-day impacting Apple hardware this year and could facilitate kernel-level code execution
Undetectable PowerShell backdoor discovered hiding as Windows update
By Rory Bathgate published
News SafeBreach researchers identified the backdoor, which they say went undetected on all major antivirus programs
Office 365's encryption feature can be easily hacked, warns WithSecure
By Rory Bathgate published
News Researchers advise enterprises to move away from Office 365 Message Encryption, claiming its messages can be decrypted without a key
Fortinet reiterates call to mitigate against active zero-day, as customers delay fixes
By Rory Bathgate published
News A large number of customers have yet to apply mitigations necessary to avoid the critical vulnerability
Microsoft still searching for zero-day fixes following Patch Tuesday
By Rory Bathgate published
News ProxyNotShell remains unaddressed even as Microsoft fixes several critical flaws in its monthly package of security patches
Boeing 737 MAX: You can no longer escape liability due to poor code
By Rois Ni Thuama published
Analysis Known vulnerabilities in Boeing’s flight software led to two fatal crashes, as well as a landmark decision with major ramifications for software development
Microsoft's third mitigation update for Exchange Server zero-day exploit bypassed within hours
By Connor Jones published
News The string of problematic temporary fixes for ‘ProxyNotShell’ grows longer after a 'confusing' and 'atypical' week-long vulnerability disclosure process
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.