Pwn2Own 2015: New rules, prizes, and potential problems
If you intend to participate in the Pwn2Own competition at the CanSecWest 2015 conference on March 18 and 19 in Vancouver, Canada, you would do well to consult with a legal …
Google Play flaw opens Android devices to silent malware installation
Android users are in danger of getting malicious apps silently installed on their devices by attackers, warns Rapid7’s Tod Beardsley, technical lead for the Metasploit …
Forbes.com compromised by Chinese cyber spies targeting US firms
Forbes.com – the 61st most popular website in the US according to Alexa – has been compromised to redirect certain visitors to websites delivering espionage …
League of Legends exploit allows attackers to access gamers’ accounts
A string of hacks has revealed the existence of an exploit targeting League of Legends players, which allows the attackers to open up the game’s store from a web browser …
Adobe updates Flash Player again, plugs 0-day exploited by Angler
Adobe made good on its promise to make available by this week a fix for the recently discovered critical zero-day Flash Player vulnerability (CVE-2015-0311) preyed on by the …
Critical Flash Player hole plugged, another still unpatched and exploited
Adobe has released an out-of-band update for Flash Player, which fixes a security flaw (CVE-2015-0310) that could be used to circumvent memory randomization mitigations on the …
Critical flaw on over 12M routers allows device hijacking, network compromise
A critical, easy to exploit vulnerability that opens more than 12 million SOHO routers around the world to remote compromise has been discovered by Check Point researchers. …
Two newcomers in the exploit kit market
Exploit kits are a great means to an end for malware distributors, who either buy them or rent them in order to widely disseminate their malicious wares. It’s no wonder …
Hikvision DVRs sporting bugs that allow device hijacking
A while back, SANS ISC CTO Johannes Ullrich discovered that cybercrooks were targeting Hikvision Digital Video Recorders (DVRs) in order to infect them with bitcoin-mining …
IE “Unicorn” bug actively exploited in the wild
Last week, in its regular Patch Tuesday, Microsoft patched a number of serious vulnerabilities, including one that is nearly two decades old, dating back to Microsoft IE 3.0. …
Windows Kerberos bug: How to detect signs of exploitation before the update?
Microsoft has shared more details about the critical elevation of privilege bug found in Microsoft Windows Kerberos Key Distribution Center (CVE-2014-6324) which is being …
Default ATM passcodes still exploited by crooks
Once again, ATMs have been “hacked” by individuals taking advantage of default, factory-set passcodes. This time the passcode hasn’t been guessed, or ended …
Featured news
Resources
Don't miss
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)