May 2018

Hidden Cobra Strikes Again US-CERT and the FBI have issued a new alert on cyber-attacks it blames on North Korea.  The warning is about the hacking operations dubbed “HIDDEN COBRA” that the United States charges were launched by Pyongyang. The...

Beware: Windows 10 Feature Updates are Double Work! Windows 10 Feature Updates (Windows 10 Servicing) will dominate the agenda of many IT Managers as Microsoft uses their new release method to introduce new operating system experiences and security enhancements for...

FBI, DHS, and UK Authorities issue warning over VPNFilter The FBI, DHS and UK authorities have issued a warning for the VPNFilter malware threat. According to Alert TA18-145A, there are concerns that actors will use VPNFilter to target routers and...

The IoT is Here to Stay: Risks Included Research from Metova has revealed the current scale of smart product adoption in the United States.  According to Metova, 90 percent of U.S users now own some form of smart device. This...

Red Hat Linux DHCP Client Vulnerability Red Hat has been made aware of a couple of flaws in the way the Linux kernel handles exceptions triggered after the POP SS and MOV to SS instructions, these are identified as CVE-2018-8897...

Two Zero-Day Exploits Resolved Microsoft has released two zero-days that have actively been exploited in the wild by cybercriminals. Microsoft has credited Qihoo 360 and Kaspersky Lab for reporting this vulnerability. Both companies say the flaw has been exploited in...

Logitech IoT Harmony Hub Fixes Several Security Flaws Harmony Hub-based products, which include Harmony Elite, Home Hub, Ultimate Hub, Home Control, Pro, Smart Control, Smart Keyboard, Ultimate Home, and Harmony Hub are potentially vulnerable to four types of vulnerabilities that...

Microsoft Releases Critical Update In something of an unusual move, Microsoft has released a critical update before Patch Tuesday. This patch addresses a vulnerability within the Windows Host Compute Service Shim (hcsshim) library. Thanks to work by Swiss security researcher...

Oracle WebLogic Flaw Opens Door to Hackers In early April, Oracle released updates for a vulnerability within WebLogic Server. At the time, it seemed like that was that, but now a tech researcher claiming to be part of Alibaba’s security...

Living in the Shadow of Spectre After fumbling their first attempt at patching the Spectre vulnerability, Microsoft has released Security Update 4078407. According to their security advisory, “applying this update will enable the Spectre Variant 2 mitigation CVE-2017-5715 – “Branch...