Alerts & Advisories

OWASP: Top Ten Most Critical Web Application Vulnerabilities For 2017

Insecure software is undermining critical infrastructure woldwide. As our infrastructure becomes increasingly complex and connected, the difficulty of achieving application security increases exponentially. Further information on this topic can be…

Read More
OPUS: Six Strategies for Defense-in-Depth

Serious issues often originate inside the network: everything from worms, viruses, and Trojan horses to unsecured wireless networks, peer-to-peer mobile communications and guest users can compromise the security of corporate…

Read More
TTCSIRT-112.042518: TT-CSIRT Advisory – Apple Security Updates

Apple has a released a security update stating that the following vulnerabilities have been discovered in the macOS 10.13.4: a) A memory corruption issue was addressed with improved error handling…

Read More
TTCSIRT-111.042518: TT-CSIRT Advisory – Drupal Security Updates

Drupal has released a security update stating that CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting (XSS) vulnerability. The vulnerability stemmed from the fact…

Read More
Google Discloses Windows Lockdown Policy Zero-Day

A Windows 10 vulnerability that could bypass Windows Lockdown Policy and result in arbitrary code execution remains unpatched 90 days after Microsoft has been informed on the bug’s existence. On…

Read More
Microsoft Announces New Windows Platform Security Technology

Microsoft on Thursday announced Windows Defender System Guard runtime attestation, a new Windows platform security technology set to roll out to all editions of Windows. Meant to mitigate attacks in…

Read More