Tag: patches
-
Schneier on Security: Google Project Zero Changes Its Disclosure Policy
Source URL: https://www.schneier.com/blog/archives/2025/08/google-project-zero-changes-its-disclosure-policy.html Source: Schneier on Security Title: Google Project Zero Changes Its Disclosure Policy Feedly Summary: Google’s vulnerability finding team is again pushing the envelope of responsible disclosure: Google’s Project Zero team will retain its existing 90+30 policy regarding vulnerability disclosures, in which it provides vendors with 90 days before full disclosure takes place,…
-
Cisco Talos Blog: ReVault! When your SoC turns against you…
Source URL: https://blog.talosintelligence.com/revault-when-your-soc-turns-against-you/ Source: Cisco Talos Blog Title: ReVault! When your SoC turns against you… Feedly Summary: Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”. AI Summary and Description: Yes **Summary:** The report details significant vulnerabilities discovered in Dell’s ControlVault3…
-
The Register: SonicWall investigates ‘cyber incidents,’ including ransomware targeting suspected 0-day
Source URL: https://www.theregister.com/2025/08/04/sonicwall_investigates_cyber_incidents/ Source: The Register Title: SonicWall investigates ‘cyber incidents,’ including ransomware targeting suspected 0-day Feedly Summary: Bypassing MFA and deploying ransomware…sounds like something that rhymes with ‘schmero-day’ SonicWall on Monday confirmed that it’s investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit…
-
The Register: No login? No problem: Cisco ISE flaw gave root access before fix arrived, say researchers
Source URL: https://www.theregister.com/2025/07/24/no_login_no_problem_cisco_flaw/ Source: The Register Title: No login? No problem: Cisco ISE flaw gave root access before fix arrived, say researchers Feedly Summary: Shadowserver claims miscreants were already poking at a critical hole in early July, long before Switchzilla patched it Threat actors have actively exploited a newly patched vulnerability in Cisco’s Identity Services…
-
Slashdot: VMware Prevents Some Perpetual License Holders From Downloading Patches
Source URL: https://tech.slashdot.org/story/25/07/24/0125217/vmware-prevents-some-perpetual-license-holders-from-downloading-patches?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: VMware Prevents Some Perpetual License Holders From Downloading Patches Feedly Summary: AI Summary and Description: Yes Summary: The text highlights significant security implications for customers of Broadcom’s VMware business due to limited access to security patches for users with perpetual licenses lacking current support contracts. This impacts their security…
-
The Register: Microsoft SharePoint victim count hits 400+ orgs in ongoing attacks
Source URL: https://www.theregister.com/2025/07/23/microsoft_sharepoint_400_orgs/ Source: The Register Title: Microsoft SharePoint victim count hits 400+ orgs in ongoing attacks Feedly Summary: US DOE among breached government agencies More than 400 organizations have been compromised in the Microsoft SharePoint attack, according to Eye Security, which initially sounded the alarm on the mass exploitation last Friday, even before Redmond…