Equifax Suffered Data Breach After It Failed to Patch Old Apache Struts Flaw

The massive Equifax data breach that exposed highly sensitive data of as many as 143 million people was caused by exploiting a flaw in Apache Struts framework, which Apache patched over two months earlier of the security incident, Equifax has confirmed. Credit rating agency Read More …

Immediately Patch Windows 0-Day Flaw That’s Being Used to Spread Spyware

Windows 0-Day Flaw Get ready to install a fairly large batch of security patches onto your Windows computers. As part of its September Patch Tuesday, Microsoft has released a large batch of security updates to patch a total of 81 Read More …

Juniper Issues Security Alert Tied to Routers and Switches

Juniper Networks warned customers Thursday of a high-risk vulnerability in the GD graphics library that could allow a remote attacker to take control of systems running certain versions of the Junos OS. The alert was in conjunction with a warning Read More …

Cisco Fixes DoS, Authentication Bypass Vulnerabilities, OSPF Bug

Cisco fixed 15 vulnerabilities this week in more than a dozen products, including two high severity vulnerabilities that could have let an attacker trigger a denial of service condition or bypass local authentication. The more severe bugs fixed on Wednesday Read More …

IBM Patches Reflected XSS in Worklight, MobileFirst

BM fixed a cross-site scripting vulnerability in two products last month that could have let an attacker execute malicious JavaScript code in a victim’s browser to steal sensitive information, or user credentials. The vulnerability (CVE-2017-1500) lingered in the products, Worklight Read More …

Siemens Patches Authentication Bypass Flaw in SiPass Server

A handful of vulnerabilities in Siemens’ SiPass integrated server have been patched, including one that allows an attacker to bypass authentication on the box. SiPass is the company’s integrated access control server managing physical access in a number of industries Read More …