Detect threat patterns across your web and mobile assets
During the Black Hat conference in Las Vegas, RiskIQ announced an automated platform with global reach that enables organizations to discover, scan for malware and gather …
Teen researcher publishes PayPal 2FA bypass exploit
Joshua Rogers, a teenage whitehat based in Australia, has found an extremely simple way to bypass PayPal’s two-factor authentication feature. Rogers first discovered the …
The weak links in an increasingly dynamic threat landscape
The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations – outdated software, bad code, abandoned …
AV engines are riddled with exploitable bugs
A security researcher has found a great number of exploitable vulnerabilities in popular security solutions and the AV engines they use, proving not only that AV engines are …
Facebook scams now lead to exploit kits
The Facebook scam is a familiar phenomenon to every user of the popular social network, and most of them have fallen for it at one time or another as it only takes a moment of …
Exploit switches off Microsoft EMET’s protection features
By leveraging and modifying a “semi-random public exploit” researchers have managed to deactivate all protection features of the latest version of …
Exploiting wildcards on Linux
DefenseCode released an advisory in which researcher Leon Juranic details security issues related to using wildcards in Unix commands. The topic has been talked about in the …
Cupid exploits Heartbleed bug on WiFi networks and Android
Nearly two months have passed since the public revelation of the Heartbleed bug affecting the widely used open source cryptographic library OpenSSL. The reaction of the …
Angler exploit kit starts wielding Silverlight exploits
“Silverlight exploits are the drive-by flavor of the month,” claim Cisco researchers. “Exploit Kit owners are adding Silverlight to their update releases, …
Cybercriminals targeting unlikely sources to carry out high-profile exploits
Cybercriminals continuously discover more ways to successfully target new outlets for financial theft, according to Trend Micro. Greed is motivating cybercriminals to take a …
Small businesses targeted with email-borne exploits
Even though the data gathered by Microsoft points to the fact that cybercriminals now prefer deceptive tactics to exploits, it does not mean that the latter approach has been …
Researchers share details about recent IE 0-day exploit and its delivery
Given that Microsoft has closed the Internet Explorer 0-day vulnerability that was exploited to compromise US-based defense and financial firms, the Sourcefire vulnerability …