Oracle Fixes 301 Flaws in October Critical Patch Update
The update includes one critical flaw in Oracle GoldenGate with a CVSS 3.0 score of 10.0.
Source: Threat Post – Web Security
[...]
Web Security
Articles targeted at Web App Security, hacks, guides, how to’s and the latest vulnerabilities.
libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers
The flaw affects thousands of servers; but GitHub, a major libssh user, is unaffected.
Source: Threat Post – Web Security – libssh
[...]
On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy
The update also features 23 security fixes.
Source: Threat Post – Web Security – On Heels of Criticism, Newly-Released Google Chrome 70
[...]
As End of Life Nears, More Than Half of Websites Still Use PHP V5
Support for PHP 5.6 drops on December 31 – but a recent report found that almost 62 percent of websites are still using
[...]
ThreatList: Half of Execs Feel Unprepared to Respond to a Cyber-Incident
Deloitte estimates cybercrime costs to reach $6 trillion annually — but companies still lag in preparedness.
Source: Threat Post – Web Security
[...]
Facebook Expands Efforts to Squash Voter Suppression
The social network will crack down on those spreading disinformation in an effort to keep people away from the polls.
Source: Threat
[...]
Facebook Offers Details on ‘View As’ Breach, Revises Numbers
Facebook’s VP of product management was able to discuss more specifics about how the breach itself occurred.
Source: Threat Post – Web
[...]
Threatpost News Wrap Podcast For Oct. 12
Threatpost’s editors discuss the top news of this week.
Source: Threat Post – Web Security – Threatpost News Wrap Podcast For Oct.
[...]
Facebook Bans More Than 800 Accounts in Disinformation Purge
The move comes a month before the November midterm elections – and at a time when all eyes are on Facebook to see
[...]
FitMetrix Exposes Millions of Customer Details, Accessed by Criminals
Gym customer data, including contact information, birth dates and height/weight data, opens the door to convincing follow-on social-engineering attacks.
Source: Threat Post
[...]