TTCSIRT-113.050318: TT-CSIRT Advisory – Microsoft Security Updates
Microsoft has released a security update stating that a remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) library fails to properly validate input while importing…
Read MoreOWASP: Top Ten Most Critical Web Application Vulnerabilities For 2017
Insecure software is undermining critical infrastructure woldwide. As our infrastructure becomes increasingly complex and connected, the difficulty of achieving application security increases exponentially. Further information on this topic can be…
Read MoreOPUS: Six Strategies for Defense-in-Depth
Serious issues often originate inside the network: everything from worms, viruses, and Trojan horses to unsecured wireless networks, peer-to-peer mobile communications and guest users can compromise the security of corporate…
Read MoreTTCSIRT-112.042518: TT-CSIRT Advisory – Apple Security Updates
Apple has a released a security update stating that the following vulnerabilities have been discovered in the macOS 10.13.4: a) A memory corruption issue was addressed with improved error handling…
Read MoreTTCSIRT-111.042518: TT-CSIRT Advisory – Drupal Security Updates
Drupal has released a security update stating that CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting (XSS) vulnerability. The vulnerability stemmed from the fact…
Read MoreGoogle Discloses Windows Lockdown Policy Zero-Day
A Windows 10 vulnerability that could bypass Windows Lockdown Policy and result in arbitrary code execution remains unpatched 90 days after Microsoft has been informed on the bug’s existence. On…
Read More