I'm currently on vacation with my family in beautiful Greece, and want to make the most of my time here with them.
But I didn't want to leave you out of sync with the security world, so I selected the stories that jumped out, just with a little less filtering and summarising. The result is a bit rougher, but I hope you still get value out of it :-)
- Multiple vulnerabilities in PHP found, update to your latest version: link
- Microsoft and Adobe patch cycle: link
- Lenovo patches remote code execution flaw: link
- Another critical Cisco WebEx flaw patched: link
- Critical bug in 7-zip patched: link
A detailed technical article which explains how malicious attackers can target vulnerable web applications running on developers' workstations to bypass corporate firewalls. This might sound far fetched, but it is very typical for developers to run vulnerable (still being developed) web applications on their computers.
Fleetsmith just launched new security features: remote lock and wipe of employees' devices and kernel extension whitelisting. You can also escrow each Mac's FileVault recovery key, and enforce a company policy for password and screen saver settings. I use Fleetsmith every day, much recommended :)