One of the most important information related to cyber security pertains to August release of a patch for the Stagefright vulnerability, to which almost all versions of the Android OS from versions 2.2 to version 5.1 are vulnerable. The existence of Stagefright had been made public at the end of July and it is estimated that vulnerable device number in hundreds of millions. The vulnerability enables the attacker to cause arbitrary code execution by sending a specially crafted MMS.
Probably the most interesting of security-related news in June has been an announcement by OPM (Office of Personnel Management of United States), organization which is responsible for HR services and administration of US federal employees, about an attack which exposed records for approximately four million current and past employees. The breach has apparently been active for some time before it was discovered using a special IDS called Einstein. Anonymous US officials attributed the attack to China.
May has been at least as rich on cybersecurity incidents and events as any of the previous months of the year. Some of the more important are described in the following text. The VENOM (Virtual Environment Neglected Operations Manipulation) vulnerability may be considered to be a very significant one. VENOM is a vulnerability in the code of a virtual floppy drive which is used by some of the virtualization platforms (QEMU, KVM, Xen).