Two exploit kits prey on Flash Player flaw patched only last week
Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that has been patched only a week ago, the researcher that goes by the handle Kafeine …
Windows 0-day exploited in ongoing attacks, temporary workarounds offered
Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations …
Malicious YouTube ads lead to exploits, ransomware
In the last few months, Trend Micro researchers have been following a malvertising campaign that ended up affecting almost exclusively US users at the beat of more than …
Bash “Shellshock” bug: Who needs to worry?
As expected, attackers have begun exploiting the GNU Bash “Shellshock” remote code execution bug (CVE-2014-6271) to compromise systems and infect them with …
Malvertising attack techniques dissected
At Virus Bulletin 2014, Bromium presented a research report that highlights the severe risk of malicious ad networks infecting end users. This research provides a real-world …
Critical Bash bug opens Unix, Linux, OS X systems to attacks
The Bash “shellshock” flaw (CVE-2014-6271) was discovered last week by Unix/Linux specialist Stephane Chazelas, and its existence was made public on Wednesday. It …
Critical Android Browser bug threatens users’ privacy
Earlier this month, security researcher Rafay Baloch has released a proof-of-concept exploit that takes advantage of a vulnerability in an Android Browser’s security …
Researcher creates exploit for compromising scammers’ computers
Even if you never had to deal personally with “Windows support” scammers, chances are someone you know did or you have heard about these type of scams. These …
Coursera privacy issues exposed
When well-known lawyer and Stanford law lecturer Jonathan Mayer was invited to teach a course on government surveillance on Coursera, the popular online website offering free …
Heartbleed still a critical threat
Cyber attackers have been quick to exploit the Hearbleed OpenSSL bug, to the tune of hundreds of thousand attacks per day in the week after the public revelation of its …
Researchers warn about schemes that lead to FlashPack exploit kit
Security researchers have spotted two different online schemes that lead to pages hosting the FlashPack exploit kit. The first one relies on users visiting a compromised …
Blackphone rooted at DEF CON?
Blackphone, the recently released security-oriented smartphone, has apparently been rooted. The feat was executed at the DEF CON hacker conference, where Jon Sawyer …
Featured news
Resources
Don't miss
- Inorganic DNA: How nanoparticles could be the future of anti-counterfeiting tech
- Securing vehicles as they become platforms for code and data
- How service providers can turn cybersecurity into a scalable MRR engine
- Stop settling for check-the-box cybersecurity policies
- Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)