Exploit kit targets Android devices, delivers ransomware
Ransomware hitting mobile devices is not nearly as widespread as that which targets computers, but Blue Coat researchers have discovered something even less common: mobile …
Exploit kits: The rise in user-friendly malware
In past years, we’re seen a massive increase in the use of exploit kits. No website is too great to withstand the many powerful kits, with the Mail Online famously …
Researchers release PoC exploit for broken IBM Java patch
Polish firm Security Explorations has had enough of broken patches for security vulnerabilities it has reported to vendors. On Monday, the company’s CEO Adam Gowdiak has …
Update your ManageEngine Password Manager Pro ASAP!
Security researcher Sebastian Perez has revealed eight serious security vulnerabilities in ManageEngine Password Manager Pro (PMP), a password management software for …
Emergency Java update plugs system compromise hole
Oracle has issued an emergency security update for Java to plug a critical flaw (CVE-2016-0636) that could be exploited by luring users to visit a web page hosting the …
RCE flaw affects DVRs sold by over 70 different vendors
RSA security researcher Rotem Kerner has discovered a remote code execution vulnerability that affects digital video recorders (DVRs) sold by more than 70 different vendors …
Investigating exploit kits: Clear and present danger
Nick Biasini is the Outreach Engineer at Cisco Talos. He has researched a wide range of topics including exploit kits and various malware campaigns being distributed through …
MouseJack: Remote exploitation via radio frequencies
Bastille has uncovered a massive vulnerability in wireless mice and keyboards that leaves billions of PC’s and millions of networks vulnerable to remote exploitation via radio …
Year-old critical Magento flaw still exploited, payment info stolen
A whole year has passed since a critical e-shop hijacking flaw in the Magento CMS has been patched, but the vulnerability is still being exploited in attacks in the wild, …
VoIP phones can be turned into spying or money-making tools
A security vulnerability present in many enterprise-grade VoIP phones can easily be exploited by hackers to spy on employees and management, says security consultant Paul …
Old, unpatched flaws exploited to achieve control of Windows systems, networks
Foxglove Security researcher Stephen Breen has demonstrated that you don’t need to exploit a 0-day or even a recently discovered vulnerability to gain the highest level …
Elasticsearch servers actively targeted by botmasters
Elasticsearch is one of the most popular choices when it comes to enterprise search engines.Unfortunately, a couple of remote code execution flaws (CVE-2015-5377, …
Featured news
Sponsored
Don't miss
- Most people still rely on memory or pen and paper for password management
- What AI can tell organizations about their M&A risk
- Breaking down the numbers: Cybersecurity funding activity recap
- Applying DevSecOps principles to machine learning workloads
- Overcoming GenAI challenges in healthcare cybersecurity