10Fold – Security Never Sleeps – 138

Critical McAfee ePO Flaw Patched

“Vulnerability ideal for user reconnaissance”

Intel’s security division has fixed a critical breach in the McAfee ePolicy Orchestrator security management product. Before the patch, users were susceptible to spying of an organizational infrastructure.

How Google fought back against a crippling IoT-powered botnet and won

“Google security engineer gives a behind-the-scenes account”

A bigger picture of the IoT attack on Krebs was revealed by a Google Security engineer at the Enigma security conference last Wednesday. After requests for help from Google, the engineering team weighed the benefits and assisted the website with defensive measures from IoT botnet attacks.

WordPress: Why we didn’t tell you about a big zero-day we fixed last week

“Concerns for users cited”

WordPress intentionally withheld information over security issues, drawing criticism from some users.  Aaron Campbell, a WordPress core Maintainer, gave the following statement regarding the decision:
“It is our stance that security issues should always be disclosed. In this case, we intentionally delayed disclosing this issue by one week to ensure the safety of millions of additional WordPress sites.”

Enjoy your read? Check out our other content here.

Leave a Reply

Your email address will not be published.