patch management

Pierluigi Paganini November 17, 2021
The rise of millionaire zero-day exploit markets

Researchers detailed the multi-millionaire market of zero-day exploits, a parallel economy that is fueling the threat landscape. Zero-day exploits are essential weapons in the arsenal of nation-state actors and cybercrime groups. The increased demand for exploits is fueling a millionaire market where these malicious codes are incredibly expensive. Researchers from Digital Shadows published an interesting […]

Pierluigi Paganini May 19, 2019
Unpatched Ethereum Clients expose the ecosystem to 51% Attack risk

Security researchers from SRLabs have published a report that analyzed the risks for Ethereum network caused by unpatched Ethereum clients. Researchers at SRLabs published a report based on data, that revealed that a large number of nodes using the popular clients Parity and Geth is still unpatched. The expert discovered that the Ethereum clients and […]

Pierluigi Paganini October 25, 2018
Google requires 2 years of Android security updates for popular devices

The media outlet The Verge obtained a copy of a contract between Google and OEMs that obliges them to two years of security updates for popular phones. Google continues the battle for securing devices of its users, this time making mandatory for device makers two years of Android security updates. One of the main problems with […]

Pierluigi Paganini October 06, 2018
Sony Bravia Smart TVs affected by a critical vulnerability

Experts at FortiGuard Labs team discovered three vulnerabilities in eight Sony Bravia smart TVs, one of them rated as critical. Patch management is a crucial aspect for IoT devices, smart objects are surrounding us and represent a privileged target for hackers. Experts at FortiGuard Labs team discovered three vulnerabilities (a stack buffer overflow, a directory traversal, […]

Pierluigi Paganini April 14, 2018
Are your Android devices updated? Researchers say maybe no

Probably you don’t know that many Android smartphone vendors fail to roll out Google’s security patches and updates exposing the users to severe risks. Researchers at Security Research Labs (SRL) that the problem also involves major vendors, including HTC, Huawei, and Motorola. In some cases, manufacturers roll out incomplete security patches leaving the devices vulnerable to […]

Pierluigi Paganini November 18, 2016
Drupal releases security updates to fix four vulnerabilities in versions 7, 8

Drupal developers have released updates for versions 7 and 8 that fix security issues which could expose websites to cyber attacks. The Drupal development team has released security updates for versions 7 and 8. The updates fix security vulnerabilities that could expose websites running on the popular CMS and data they manage to security risks, […]

Pierluigi Paganini November 22, 2015
DHS Information Security Program, Dozens secret databases vulnerable to hack

Evaluation of DHS Information Security Program for Fiscal Year 2015 revealed the existence of dozens of top-secret unpatched databases. The story I’m about to tell you is staggering, the US Department of Homeland Security is running dozens of unpatched and vulnerable databases, a number of them contained information rated as “secret” and even “top secret.” The discovery emerged […]

Pierluigi Paganini October 28, 2015
US Army Experts Call for military bug bounty program AVRP

US Army Military experts urge the establishment of an Army Vulnerability Response Program (AVRP),  a sort of military bug bounty program. What happen when bug hunters have to work with high sensitive environment? An interesting post published by the Cyber Defense Review raises the discussion about the was way to handle vulnerabilities in the information security infrastructure of the […]

Pierluigi Paganini October 16, 2015
88% of Android devices vulnerable due to slow patch management

Researchers probed 20,400 Android devices and found 87.7 per cent contained at least one exploitable vulnerability due to a slow patch management. New Android vulnerabilities are discovered every day, but it looks like that, some Android vendors are very slow in applying the necessary patch to fix the security issues. Some Android vendors are only […]

Pierluigi Paganini September 07, 2015
Fiat Chrysler recalls thousands Jeep Renegade SUVs due to hacking risks

Fiat Chrysler has recalled nearly 8,000 Jeep Renegade SUVs in the US to update the software that could be exploited by attackers to hack the vehicles. No peace for Fiat Chrysler Automobiles after the disclosure of the attack against its Jeep Cherokee model made by the popular hackers Charlie Miller and Chris Valasek. The duo of […]