Targeted attacks are moving away from traditional malware to stealthier techniques that involve abusing standard system tools and protocols that are less frequently monitored.
Lucian Constantin |
04 Mar |
Read more
Researchers have created decryption tools for the Dharma ransomware after someone recently leaked the encryption keys for it.
Lucian Constantin |
03 Mar |
Read more
Google has expanded its Safe Browsing service, allowing Google Chrome on macOS to better protect users from programs that locally inject ads into web pages or that change the browser's home page and search settings.
Lucian Constantin |
03 Mar |
Read more
A security analysis of robots used in homes, businesses and industrial installations has revealed many of the same basic security weaknesses that are commonly found in IoT devices, raising questions about the implications for human safety.
Lucian Constantin |
02 Mar |
Read more
Cisco's Talos team has released a tool that allows network owners to discover switches on their networks that might be vulnerable to Cisco Smart Install (SMI) attacks.
Lucian Constantin |
01 Mar |
Read more
The recently announced SHA-1 collision attack has the potential to break code repositories that use the Subversion (SVN) revision control system.
Lucian Constantin |
28 Feb |
Read more
Google's Project Zero team has disclosed a potential arbitrary code execution vulnerability in Internet Explorer because Microsoft has not acted within Google's 90-day disclosure deadline.
Lucian Constantin |
25 Feb |
Read more
For months a bug in Cloudflare's content optimization systems exposed sensitive information sent by users to websites including passwords, session cookies, authentication tokens and even private messages.
Lucian Constantin |
25 Feb |
Read more
Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature.
Lucian Constantin |
24 Feb |
Read more
Linux system administrators should watch for kernel updates for their distributions and apply them as soon as possible because they fix a local privilege escalation flaw that could lead to a full system compromise.
Lucian Constantin |
24 Feb |
Read more
A new file-encrypting ransomware program for macOS is being distributed through bittorrent websites and users who fall victim to it won't be able to recover their files, even if they pay.
Lucian Constantin |
23 Feb |
Read more
After deciding to postpone its February patches for a month, Microsoft released one critical security update for Windows on Tuesday that contains Flash Player patches released by Adobe Systems last week.
Lucian Constantin |
23 Feb |
Read more
The Java and Python runtimes fail to properly validate FTP URLs, which can potentially allow attackers to punch holes through firewalls to access local networks.
Lucian Constantin |
22 Feb |
Read more
The hackers behind a sophisticated attack campaign that has targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.
Lucian Constantin |
21 Feb |
Read more
Android applications that allow millions of car owners to remotely locate and unlock their vehicles are missing security features that could allow hackers to easily hijack their functionality.
Lucian Constantin |
18 Feb |
Read more