bmhume

Lack of Data Unification and Automation Compromises Security IT Security Data Is Spread Far Too Wide There is so much data in the modern enterprise that it is hard to keep track of. A dozen different security systems, threat intelligence...

Ransomware Becomes a Pandemic Rise of Ransomware Fortinet’s 2021 Ransomware Survey Report reveals a more than 1000% surge in ransomware between July 2020 and June 2021. According to the report: Two thirds of organizations have been targeted by ransomware. One...

November Patch Tuesday 2021 Fixes 55 Flaws Microsoft Releases November 2021 Patch Tuesday Fixes There are 6 Critical (double than last month) and 49 Important fixes in this release. Updated were included Microsoft Windows and Windows components, 3D Viewer, Azure, Azure...

Top Linux Vulnerabilities for November 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical         CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause...

Google Chrome Zero-Day Is Currently Being Weaponized Google Chrome Zero-Day Is Being Weaponized Google has released 95.0.4638.69 today to the Stable Channel to resolve serious issues impacting Windows, Linux and Mac OS.  So far this year Google have released over...

Linux Vulnerabilities of the Week: November 1, 2021 1. Unsafe deserialization of Xalan xsltc.trax.TemplatesImpl in XStream Severity: Important    CVSS Score: 8.8 XStream is a simple library, used to serialize objects to XML and back again. This is a flaw in...

Linux Vulnerabilities of the Week: October 25, 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical         CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments...

Linux Vulnerabilities of the Week: October 18, 2021 1. Apache HTTP server vulnerability Severity: Critical         CVSS Score: 9.8 This is a path transversal and remote code execution flaw in Apache HTTP Server 2.4.49 and 2.4.50, which a remote attacker could...

Top 10 Most Exploited Vulnerabilities Top of the Vulnerability Charts Music services such as Spotify, iHeartRadio, and Apple Music often release top 10 lists of their most popular songs in various categories. Justin Bieber, Ed Sheeran, and The Weeknd are...

Are You Too Busy to Deploy Patches? Why Patches are Left Undeployed It can seem baffling how so many urgent security patches remain undeployed months, and sometimes years, after their publication. Even famously vicious vulnerabilities covered endlessly in the news...