Exploit

(get it in RSS or Atom)

Adobe issues emergency fix for Flash zero-day

Crooks are reportedly using a new Flash vulnerability called CVE-2015-0310.

Adobe has a fix already, so grab it while it's hot!

Big bag of fixes: Oracle's Critical Patches for Jan 2015 close 160 holes, 93 remotely exploitable

oracle-250

Big bag of fixes!

Oracle's Critical Patches for Jan 2015 fix 160 holes in 48 products, with 93 of those vulnerabilities remotely exploitable.

SSCC 181 - The Security Duel: "Bug reports at 15 paces" [PODCAST]

Microsoft vs. Google - Google vs. Users - Hackers vs. US Army - the fight is on in the latest episode of our weekly security podcast!

Enjoy...

Patch Tuesday wrap-up, December 2014 - why "Important" can be Critical...

patch-tuesday-denim-250

Adobe and Microsoft put forth their respective Patch Tuesday updates this week, bringing you their last scheduled patches of 2014.

Paul Ducklin digs in...

Adobe publishes out-of-band Flash update - provides "booster dose" for October's patches

Adobe has published a Flash update, dubbed APSB14-26.

The new patch offers additional protection against a vulnerability that was originally addressed in October 2014.

SSCC 175 - "My, what an ENORMOUS malware infection you have!" [PODCAST]

Here's the latest episode of our weekly security podcast.

For your listening pleasure - the news you can use!

WordPress issues critical security fixes, closing remote anonymous compromise bug and more

wp-250

WordPress has just published a critical security release.

If you're still on WordPress 3, this is about as critical as it gets, because one of the fixes closes a "remote anonymous compromise" bug.

"That's not a hack..." - 60 Sec Security [VIDEO]

Here's our latest 60 Second Security video.

One week of news in one amusingly informative minute...

Apple ships OS X 10.10.1 - does it fix those Wi-Fi problems?

yos-wifi-250

Reader: "So Paul, has Yosemite 10.10.1 fixed the Wi-Fi problems?"

Duck: "The answer is..."

Find out, as they say, inside.

The worst password in the penitentiary - 60 Sec Security [VIDEO]

Here's this week's 60 Second Security video.

The latest news made educational and amusing...and it only takes a minute.

Patch Tuesday wrap-up, November 2014: Microsoft joins the "security hole in HTTPS" club

patch-tuesday-denim-250

Here's what you need to know about the November 2014 Patch Tuesday updates from Microsoft and Adobe...

SSCC 172 - Ransomware's not dead! [PODCAST]

Here's the latest episode of our weekly security podcast.

News you can use!

Millions of Drupal websites at risk from failure to patch

Millions of Drupal websites at risk from failure to patch

You should assume that your Drupal 7 website has been compromised if you didn't patch it within 7 hours of the release of Drupal 7.32 on 15 October 2014.

SSCC 171 - Are you SURE that "1234" is a bad password? [PODCAST]

Here's the latest Chet Chat podcast for your listening pleasure...

Enjoy.

POODLEs, Sandworms and getting safe online - 60 Sec Security [VIDEO]

The week's security news, turned into an entertaining lesson, turned into a 1-minute video.

Enjoy...

Has the "Sandworm" zero-day exploit burrowed back to the surface?

sand-2-250

You may have noticed that Microsoft recently published a Security Advisory that sounds a lot like the "Sandworm" vulnerability all over again.

Paul Ducklin explains...

The "Sandworm" malware - what you need to know

sandworm-250

Fortunately, the Sandworm malware is a lot easier to deal with than the giant science fiction creature from which it takes its name.

In fact, in malware terms, it's not a worm at all.

Paul Ducklin takes a look...

Patch Tuesday for October 2014 - bigger than usual as Microsoft, Adobe and Oracle align

Oracle, Adobe and Microsoft patches are all arriving together on Tuesday 14 October 2014.

Paul Ducklin looks at what to expect...

Mummy, my schoolbooks are spying on me! 60 Sec Security [VIDEO]

Here's our latest 60 Second Security video for your viewing pleasure.

The wry side of the week's news, in just a minute...