Security Experts:

long dotted


NVIDIA releases updates for GPU display drivers and other products to address the Spectre and Meltdown vulnerabilities [Read More]
IBM starts releasing firmware updates for its POWER processors to address the recently disclosed Meltdown and Spectre vulnerabilities [Read More]
SAP this week released its monthly set of security patches to address as little as three vulnerabilities in its products, all three rated Medium severity. [Read More]
Rockwell Automation patches high severity vulnerability in MicroLogix 1400 controllers. Flaw allows DoS attacks and possibly remote code execution [Read More]
Microsoft says users with older CPUs will notice a decrease in performance after applying the Spectre and Meltdown updates [Read More]
Microsoft patches over 50 vulnerabilities, including an Office zero-day similar to the Equation Editor flaw that has been exploited by several threat groups [Read More]
Adobe’s Patch Tuesday updates for January 2018 fix only one information disclosure vulnerability in Flash Player [Read More]
AMD users no longer receive Windows updates that patch Meltdown and Spectre, and Microsoft warns that some devices may not receive future security updates due to antiviruses [Read More]
Apple updates iOS, macOS and Safari to mitigate the effects of the CPU vulnerabilities behind the Spectre attack. Meltdown mitigated before disclosure [Read More]
Microsoft’s updates for the Meltdown and Spectre CPU vulnerabilities break Windows on some AMD computers. Patches also cause problems for some apps [Read More]

FEATURES, INSIGHTS // Vulnerabilities

rss icon

Jim Ivers's picture
Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.
David Holmes's picture
Security researchers found 26 vulnerabilities within ISP network devices that would have given them remote admin access to the majority of home networks in the United States.
David Holmes's picture
A manufacturer of a meter may have a different threat model involving the physical aspects of the device itself: device memory, firmware interface, ecosystem communications.
Jim Ivers's picture
These recommendations will help your organization reduce risk and save real money on the cost of resolving defects. It is not often you get such a clear win-win scenario.
Dan Cornell's picture
Being able to properly defend applications requires organizations to first identify their attack surfaces before meaningful risk management can take place.
Marie Hattar's picture
When done successfully, continuous testing and training prevents bugs and performance issues from going out the door, while enabling developers to better spot problems in the future.
Travis Greene's picture
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Jim Ivers's picture
Medical devices are indeed vulnerable to attack, but the industry is waking up to the breadth of the problems, and several organizations are forming a vanguard to show the way forward.
Jennifer Blatnik's picture
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.
Torsten George's picture
Hackers are exploiting known vulnerabilities and are betting on the fact that organizations don’t know how to fix what really matters.