OWASP: Top Ten Most Critical Web Application Vulnerabilities For 2017
Insecure software is undermining critical infrastructure woldwide. As our infrastructure becomes increasingly complex and connected, the difficulty of achieving application security increases exponentially. Further information on this topic can be…
Read MoreOPUS: Six Strategies for Defense-in-Depth
Serious issues often originate inside the network: everything from worms, viruses, and Trojan horses to unsecured wireless networks, peer-to-peer mobile communications and guest users can compromise the security of corporate…
Read MoreTTCSIRT-112.042518: TT-CSIRT Advisory – Apple Security Updates
Apple has a released a security update stating that the following vulnerabilities have been discovered in the macOS 10.13.4: a) A memory corruption issue was addressed with improved error handling…
Read MoreTTCSIRT-111.042518: TT-CSIRT Advisory – Drupal Security Updates
Drupal has released a security update stating that CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting (XSS) vulnerability. The vulnerability stemmed from the fact…
Read MoreGoogle Discloses Windows Lockdown Policy Zero-Day
A Windows 10 vulnerability that could bypass Windows Lockdown Policy and result in arbitrary code execution remains unpatched 90 days after Microsoft has been informed on the bug’s existence. On…
Read MoreMicrosoft Announces New Windows Platform Security Technology
Microsoft on Thursday announced Windows Defender System Guard runtime attestation, a new Windows platform security technology set to roll out to all editions of Windows. Meant to mitigate attacks in…
Read More