Auto Added by WPeMatico
Cities, states, federal and military agencies should patch the Laserfiche CMS post-haste, said the security researcher whose jaw dropped at 50 sites hosting porn and Viagra spam. orginal source link
The newly identified bug in a Zoho single sign-on and password management tool has been under active attack since early August. orginal source link
A driver privilege-escalation bug gives attackers kernel-mode access to millions of PCs used for gaming. orginal source link
Dubbed OMIGOD, a series of vulnerabilities in the Open Management Infrastructure used in Azure on Linux demonstrate hidden security threats, researchers said. orginal source link
On Patch Tuesday, Microsoft fixed 66 CVEs, including an RCE bug in MSHTML under active attack as threat actors passed around guides for the drop-dead simple exploit. orginal source link
Saryu Nayyar, CEO at Gurucul, peeks into Mitre’s list of dangerous software bug types, highlighting that the oldies are still the goodies for attackers. orginal source link
The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year. orginal source link
Imperva’s Elad Erez discusses findings that 46 percent of on-prem databases are sitting ducks, unpatched and vulnerable to attack, each with an average of 26 flaws. orginal source link
Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches. orginal source link
The security vulnerability can be exploited with a malicious CSV file. orginal source link