Microsoft Patch Tuesday, October 2020 Edition

Its Cybersecurity Awareness Month! In keeping with that theme, if you abuse Microsoft Windows computers you should be aware the company shipped a bevy of software updates today to fix at least 87 security problems in Windows and programs that run on top of the operating system. That means its onc...

Microsoft Patch Tuesday, February 2020 Edition

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer IE that is actively being exploited. Also, Adobe has issued a bevy of security updates for its vario...

Razer: DOM XSS at https://www.thx.com in IE/Edge browser

Summary: I just recently found easy exploitable DOM XSS vulnerability because of https://www.thx.com/assets/plugins/ultimate-social-media-icons/js/custom.js?ver=5.2.3 js file Steps To Reproduce: First i want to say this is vulnerable code function sfsimobilewechatshareurl if...

On Schneier's DDoS Article, OS X Malware Detection, and Patches

Mike Mimoso and Chris Brook discuss the news of the week, including Schneier’s DDoS article, a patched IE/Edge zero day, a new OS X malware detection method, and Google’s Project Zero prize. Download: ThreatpostNewsWrapSeptember162016.mp3 Music by Chris Gonsalves...