Patch Tuesday Lowdown, April 2019 Edition — Krebs on Security

Posted on April 13th, 2019 by Responsible Cyber

Microsoft today released fifteen software updates to fix more than 70 unique security vulnerabilities in various flavors of its Windows operating systems and supported software, including at least two zero-day bugs. These patches apply to Windows, Internet Explorer (IE) and Edge browsers, Office, Sharepoint and Exchange. Separately, Adobe has issued security updates for Acrobat/Reader and Flash Player. […]

Read More

TajMahal Spyware – Schneier on Security

Posted on April 13th, 2019 by Responsible Cyber

TajMahal SpywareKaspersky has released details about a sophisticated nation-state spyware it calls TajMahal: The TajMahal framework’s 80 modules, Shulmin says, comprise not only the typical keylogging and screengrabbing features of spyware, but also never-before-seen and obscure tricks. It can intercept documents in a printer queue, and keep track of “files of interest,” automatically stealing them […]

Read More

Nvidia patches severe bugs in edge computing modules

Posted on April 5th, 2019 by Responsible Cyber

by Danny Bradbury Nvidia has released 13 patches targeting two low-end embedded computing boards. The processor company explained in a security advisory this week that the flaws could lead to code execution, denial of service, escalation of privileges, or information disclosure. These security bugs won’t turn up in your gaming PC, but they could cause […]

Read More

Latest iOS 12.2 Update Patches Some Serious Security Vulnerabilities

Posted on March 30th, 2019 by Responsible Cyber

Apple on Monday released iOS 12.2 to patch a total of 51 security vulnerabilities in its mobile operating system that affects iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.A majority of vulnerabilities Apple patched this month reside in its web rendering engine WebKit, which is used by many apps and […]

Read More

Commando VM — Turn Your Windows Computer Into A Hacking Machine

Posted on March 30th, 2019 by Responsible Cyber

FireEye today released Commando VM, which according to the company, is a “first of its kind Windows-based security distribution for penetration testing and red teaming.”When it comes to the best-operating systems for hackers, Kali Linux is always the first choice for penetration testers and ethical hackers.However, Kali is a Linux-based distribution, and using Linux without […]

Read More

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

Posted on March 24th, 2019 by Responsible Cyber

The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity security vulnerabilities.PuTTY is one of the most popular and widely used open-source client-side programs that allows users to remotely access computers over SSH, Telnet, and Rlogin network protocols.Almost 20 months after releasing the last […]

Read More

Android Q — Google Adds New Mobile Security and Privacy Features

Posted on March 24th, 2019 by Responsible Cyber

Google has recently released the first beta version of Android Q, the next upcoming version of Google’s popular mobile operating system, with a lot of new privacy improvements and other security enhancements.Android Q, where Q has not yet been named, offers more control over installed apps, their access, and permissions, and location settings; more support […]

Read More

Libssh Releases Update to Patch 9 New Security Vulnerabilities

Posted on March 24th, 2019 by Responsible Cyber

Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities.The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Red Hat, Debian, and also comes bundled within some distributions and software […]

Read More

NSA Releases GHIDRA 9.0 — Free, Powerful Reverse Engineering Tool

Posted on March 14th, 2019 by Responsible Cyber

The United States’ National Security Agency (NSA) today finally released GHIDRA version 9.0 for free, the agency’s home-grown classified software reverse engineering tool that agency experts have been using internally for over a decade to hunt down security bugs in software and applications.GHIDRA is a Java-based reverse engineering framework that features a graphical user interface […]

Read More

Adobe Releases Patches for Critical Flaws in Photoshop CC and Digital Edition

Posted on March 14th, 2019 by Responsible Cyber

Adobe users would feel lighter this month, as Adobe has released patches for just two security vulnerability in its March Security Update.The company today released its monthly security updates to address two critical arbitrary code execution vulnerabilities—one in Adobe Photoshop CC and another in Adobe Digital Editions.Upon successful exploitation, both critical vulnerabilities could allow an […]

Read More