Joomla! Releases Security Update for its CMS

Joomla! has released a critical security update for its Content Management System (CMS) software to address multiple vulnerabilities. Joomla! states that the exploitation of these vulnerabilities may allow a remote attacker to take control of an affected website. Joomla! also urges users and administrators to update their sites with immediate effect.

Joomla! Releases Security Update for its CMS

Joomla! has released a critical security update for its Content Management System (CMS) software to address multiple vulnerabilities. Joomla! states that the exploitation of these vulnerabilities may allow a remote attacker to take control of an affected website. Joomla! also urges users and administrators to update their sites with immediate effect.

Drupal has released security update

Drupal has released an advisory to address vulnerabilities in Drupal core 8.x versions prior to 8.1.10. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. Following vulnerabilities were fixed in released security update.

Attacks Targeting ATMs on the Rise in Asia

Automated Teller Machines in several Asian countries have been the target of large-scale organised hacks over the past few years. Attackers have used vulnerabilities present in these machines to steal varying, but significant, amounts of cash from several ATM networks in Thailand, Malaysia, Japan, Taiwan, and Bangladesh, among others. The latest of such attacks have taken place in Thailand, where 21 ATMs were targeted, resulting in a loss of more than THB 12 million (USD 350,000 or LKR 50 million). This attack also resulted in a significant portion (47%) of Thailand’s Government Savings Bank’s ATMs to be shut down.

Drupal Releases Critical Security Advisory

The popular content management system Drupal has released an advisory that addresses a critical vulnerability. Drupal has stated that the exploitation of this vulnerability could allow a remote attacker to take control of an affected system. It is therefore advised that users and administrators do the necessary updates to Drupal and take the other mitigation steps detailed in this advisory.

The “Badlock” Vulnerability

In mid-March 2016, an unusual announcement was made: It did not detail a vulnerability, but rather mentioned than a vulnerability will be announced on 12 April 2016 that affects Samba and Windows. On 12 April, the vulnerability – branded “Badlock” – was detailed on badlock.org, a website that was registered on 11 March 2016.

Microsoft Releases April 2016 Security Bulletins

Microsoft has released a comprehensive security bulletin for the month of January 2016 detailing all known vulnerabilities in their products and the updates that address these vulnerabilities. A total of 13 updates have been reported, with 31 vulnerabilities addressed. The software products that this update addressed include Internet Explorer, Microsoft Edge, Microsoft Graphics Component, Microsoft XML Core Services, .NET Framework, Microsoft Office, and several others. Users and administrators are advised to patch and update their products with immediate effect.

Google cannot patch 29% of Android Devices

In the smartphone market, Google’s Android OS is the clear market leader by volume. Unlike Apple’s iOS, Android is not under the control of its creator, and this has led to the popularity of the platform as well as multiple customization according to device manufacturer’s needs. Devices ranging from Samsung smartphones to Amazon Kindle e‑book reader / tablet use Android. It is estimated that over 1.4 billion Android Devices have been sold – roughly 1 device per 5 people on the planet.

Oracle Releases Critical Patch Advisory for April 2016

Oracle has released its quarterly critical patch update for April 2016. The security bulletin that was released states that a total of 136 vulnerabilities have been fixed across the range of software products produced by the company. The software products updates include Oracle Database Server, Oracle Fusion Middleware, Oracle Enterprise Manager Grid Control, Oracle E-Business Suite, Oracle Supply Chain Products Suite, Oracle PeopleSoft Products, Oracle JD Edwards Products, Oracle Siebel CRM, and many others.

Oracle Releases Security Update for Java SE

Oracle has released a security update for Java SE that addresses a vulnerability present in its previous versions. Oracle states that the exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Oracle further states that this vulnerability only apples to Java SE running in web browsers, and is not applicable to Java deployments in servers or standalone desktop applications that load and run only trusted code. Oracle further states that this vulnerability does not affect Oracle server-based applications. Users and administrators are advised to update their versions of Java SE as early as possible.

logofooter2

Member of

logo apcertfirst logo-2

Collaborated with

apwg2ICTA logo2ack cymru

Our Partners
lanka-certify-logoDark-Lab-Logo2contact