Highlights and Updates

Microsoft Releases September 2017 Security Updates

Tuesday, 12th September 2017
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system.

Adobe Releases Security Updates

Tuesday, 12th September 2017
Adobe has released security updates to address vulnerabilities in Adobe RoboHelp, Flash Player, and ColdFusion. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Cisco Releases Security Advisories

Monday, 11th September 2017
Cisco has released advisories describing Apache Struts 2 vulnerabilities potentially affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

Google Releases Security Updates for Chrome

Thursday, 7th September 2017
Google has released Chrome version 61.0.3163.79 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system.

Apache Software Foundation Releases Security Update

Wednesday, 6th September 2017
The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system.

Flaws in Android Bootloader Code

Tuesday, 5th September 2017
Security flaws in Android bootloader firmware could be exploited to execute arbitrary code or create denial-of-service conditions. In all, researchers found seven vulnerabilities

China's New Cyber Security Law

Monday, 4th September 2017
A new law in China will allow that country's government to request source code and other intellectual property of companies doing business there.

WireX Botnet Takedown

Monday, 28th August 2017
Several tech companies have worked together to take down the WireX botnet. Researchers first became aware of WireX at the beginning of August; now there are at tens of thousands of infected nodes.

AccuWeather App Still Sharing User Data After Update

Monday, 28th August 2017
AccuWeather was criticized for sharing user data with an advertising company. AccuWeather has removed a feature that collected users' location data without their permission and shared it with Reveal Mobile.

DNSSEC Key Signing Key Rollover

Thursday, 24th August 2017
On October 11, 2017, the Internet Corporation for Assigned Names and Numbers (ICANN) will be changing the Root Zone Key Signing Key (KSK) used in the domain name system (DNS) Security Extensions (DNSSEC) protocol.