Researchers from Qualys uncovered a major vulnerability in an application that allows administrators to delegate limited root access to regular users. While most major Linux distributions have released fixed versions of sudo, administrators still have to verify their systems are protected.
The NSA warned that Russian state attackers are targeting a recent VMware vulnerability, which NSA discovered and disclosed.
The latest research out of Kenna Security and Cyentia Institute compared how quickly defenders could remediate vulnerabilities and how quickly attackers could exploit the vulnerability in the wild.
Enterprise IT staff should prioritize fixing the flaws listed in the Top 25 list of most commonly targeted vulnerabilities released by the United States National Security Agency.
A new technique called the Raccoon attack can break the confidentiality of some TLS connections under certain circumstances.