MouseJack: Remote exploitation via radio frequencies
Bastille has uncovered a massive vulnerability in wireless mice and keyboards that leaves billions of PC’s and millions of networks vulnerable to remote exploitation via radio …
Year-old critical Magento flaw still exploited, payment info stolen
A whole year has passed since a critical e-shop hijacking flaw in the Magento CMS has been patched, but the vulnerability is still being exploited in attacks in the wild, …
VoIP phones can be turned into spying or money-making tools
A security vulnerability present in many enterprise-grade VoIP phones can easily be exploited by hackers to spy on employees and management, says security consultant Paul …
Old, unpatched flaws exploited to achieve control of Windows systems, networks
Foxglove Security researcher Stephen Breen has demonstrated that you don’t need to exploit a 0-day or even a recently discovered vulnerability to gain the highest level …
Elasticsearch servers actively targeted by botmasters
Elasticsearch is one of the most popular choices when it comes to enterprise search engines.Unfortunately, a couple of remote code execution flaws (CVE-2015-5377, …
Flaws in medical data management system can be exploited to modify patient information
Two vulnerabilities found in v3.3 of Epiphany’s Cardio Server ECG Management System, a popular system that is used to centralize and manage patient data by healthcare …
Exploit kit activity up 75 percent
The creation of DNS infrastructure by cybercriminals to unleash exploit kits increased 75 percent in the third quarter of 2015 from the same period in 2014, according to …
Bug in Android Gmail app allows effective email spoofing
Yan Zhu, a Technology Fellow at the Electronic Frontier Foundation, has unearthed a flaw in the Gmail Android app that can lead to very effective phishing attacks.The flaw is …
BadBarcode: Poisoned barcodes can be used to take over systems
Researchers from Tencent’s Xuanwu Lab have proved that a specially crafted barcode can be used to execute commands on a target system, saddle it with malware, or perform …
Criminals hacked chip-and-PIN system by perfecting researchers’ PoC attack
When in 2010 a team of computer scientists at Cambridge University demonstrated how the chip and PIN system used on many modern payment cards can be bypassed by making the POS …
Hackers are exploiting zero-day flaw in fully patched Adobe Flash
Adobe has released on Tuesday security updates that address multiple vulnerabilities in Reader, Acrobat, and Flash Player. Unfortunately, among the holes plugged in Flash …
Mobile ad network exploited to launch JavaScript-based DDoS attack
A type of DDoS attack that has until now been mostly theoretical has become reality: CloudFlare engineers have spotted a browser-based Layer 7 flood hitting one of its …
Featured news
Resources
Don't miss
- Eyes, ears, and now arms: IoT is alive
- What’s worth automating in cyber hygiene, and what’s not
- Want faster products and stronger trust? Build security in, not bolt it on
- DDoS attacks jump 358% compared to last year
- Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)