CIS Logo
tagline: Confidence in the Connected World


Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution.



Multiple vulnerabilities have been discovered in Cisco WebEx Network Recording Player and Cisco Webex Player which could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user.



Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for arbitrary code execution.



A vulnerability has been discovered in Microsoft Office for Mac, which could allow for remote code execution.



The October 2019 issue of AppSec Advisor focuses on injection attacks. Learn more about their prevalence, cause, and ways to mitigate against them.


Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution.



The Department of State has established protocols that are to be followed in the event an attempted cyber incident or anomaly is detected.


Multiple vulnerabilities have been discovered in watchOS, Safari, iOS, iPadOS, macOS Catalina, and tvOS.



The Top 10 Malware variants for September closely resemble those of the previous month with the exception of Bifrose and CryptoWall.


The Multi-State Information Sharing and Analysis Center has created a list of End-of-Support (EOS) software dates from 1/01/2019 to 4/2020.


Multiple vulnerabilities have been identified in Mozilla Thunderbird, the most severe of which could allow for arbitrary code execution.



Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for arbitrary code execution.



Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution.



Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox Extended Support Release (ESR), the most severe of which could allow for arbitrary code execution.



This year’s overarching message – "Own IT. Secure IT. Protect IT. "– has been designed to encourage proactive behavior, and promote security best practices.


1 2 3 69