Apple Patches Dozens of Vulnerabilities Across Product Lines

By Ionut Arghire Apple this week released a new set of important security updates for its products, to patch dozens of vulnerabilities in macOS, iOS, watchOS, tvOS, and Safari, as well as in the iCloud and iTunes for Windows applications.
read more

…read more

Source: Securityweek.com

Update your Mac and iPhone – and help stop unwanted pwnage

By Paul Ducklin Updates fix bugs found and responsibly reported rather than found in the wild …read more

Source: http://nakedsecurity.sophos.com/

Microsoft Unveils Windows Defender Security Center

By Ionut Arghire The upcoming Windows 10 Creators Update was designed to make available security protections easily accessible via a new experience called the Windows Defender Security Center, Microsoft says.
read more

…read more

Source: Securityweek.com

Shamoon Attacks Possibly Aided by Greenbug Group

By Eduard Kovacs The stolen credentials used in the recent Shamoon attacks aimed at organizations in the Persian Gulf may have been supplied by a threat group tracked by Symantec as “Greenbug.”
read more

…read more

Source: Securityweek.com

The Importance of Threat Modeling

By Rafal Los In cyber security, it feels like at least once a week there’s a news story that gets people spun up in a panic. While there is no shortage of vulnerabilities and critical issues in the world, not everything applies to everyone. Hence, the importance of threat modeling.
read more

…read more

Source: Securityweek.com

As attacks rise, we ask: how secure is your Hadoop installation?

By Bill Camarda As database break-ins spread, we offer some advice for checking on your installations …read more

Source: http://nakedsecurity.sophos.com/

World’s most popular email server praised as ‘near-impenetrable’

By Danny Bradbury Exhaustive audit by external experts found only three minor flaws …read more

Source: http://nakedsecurity.sophos.com/

Facebook Vulnerability Allowed Removal of Any Video

By Eduard Kovacs Facebook has awarded a researcher $10,000 for finding a serious vulnerability that could have been exploited remotely to delete any video from the social media website.
read more

…read more

Source: Securityweek.com

Cisco WebEx Extension Flaw Allows Code Execution

By Eduard Kovacs Google Project Zero researcher Tavis Ormandy has discovered a critical remote code execution vulnerability in the Cisco WebEx browser extension. Cisco’s initial fix does not appear to be complete, which has led to Google and Mozilla temporarily removing the add-on from their stores.
read more

…read more

Source: Securityweek.com

Oracle Begins Layoff of 1,800 Hardware Employees

Oracle’s long-running high-end chips business and its correlated Unix-based Solaris operating system both appear to be headed for the Computer Tech Museum. …read more

Source: http://www.eweek.com/