![hole](https://img.helpnetsecurity.com/wp-content/uploads/2016/05/09112510/hole-400x200.jpg)
Google releases details, PoC exploit code for IE, Edge flaw
As we’re impatiently waiting for Microsoft to patch vulnerabilities that were scheduled to be fixed in February, Google has released details about a serious …
![structure](https://img.helpnetsecurity.com/wp-content/uploads/2017/06/09103902/structure-red-400x200.jpeg)
New attack sounds death knell for widely used SHA-1 crypto hash function
SHA-1 is definitely, provenly dead, as a group of researchers from CWI Institute in Amsterdam and Google have demonstrated the first practical technique for generating a …
![industry](https://img.helpnetsecurity.com/wp-content/uploads/2016/10/09110009/industry-400x200.jpg)
Detecting PLC malware in industrial control systems
How can attackers load programmable logic controllers (PLC) with destructive malware, and how can the operators of industrial control systems (ICS) detect it? According to a …
![industry](https://img.helpnetsecurity.com/wp-content/uploads/2016/12/09105545/industry-400x200.jpg)
Researchers demonstrate ransomware for industrial control systems
We’ve witnessed ransomware targeting Windows and Linux systems and Macs, Android devices, smart TVs, and even a ransomware scheme targeting iPhone users (though not …
![Microsoft Windows](https://img.helpnetsecurity.com/wp-content/uploads/2016/10/09110301/microsoft_windows-400x200.jpg)
Exploit for Windows DoS zero-day published, patch out on Tuesday?
A zero-day bug affecting Windows 10, 8.1, Windows Server 2012 and 2016 can be exploited to crash a vulnerable system and possibly even to compromise it. The bug It is a memory …
![alert](https://img.helpnetsecurity.com/wp-content/uploads/2016/11/09105739/alert-400x200.jpg)
Nagios Core 4.2.4 closes serious root privilege escalation bug
If you’re using Nagios Core to monitor your systems, networks and infrastructure, and you have not updated to version 4.2.4, you better hop to it. This latest release …
![Samsung Knox](https://img.helpnetsecurity.com/wp-content/uploads/2016/09/09110415/samsung-knox-400x200.jpg)
Samsung Knox flaws open unpatched devices to compromise
Researchers from Viral Security Group have discovered three vulnerabilities in Samsung Knox, a security platform that allows users to maintain separate identities for work and …
![MySQL](https://img.helpnetsecurity.com/wp-content/uploads/2016/09/09110647/mysql-400x200.jpg)
MySQL 0-day could lead to total system compromise
Researcher Dawid Golunski has discovered multiple severe vulnerabilities affecting the popular open source database MySQL and its forks (e.g. MariaDB, Percona). One of these …
![](https://img.helpnetsecurity.com/wp-content/uploads/2016/08/09111218/QRLJacking-400x200.jpg)
QRLJacking: A new attack vector for hijacking online accounts
We all know that scanning random QR codes is a risky proposition, but a newly detailed social engineering attack vector dubbed QRLJacking adds another risk layer to their use. …
![Windows UAC alert](https://img.helpnetsecurity.com/wp-content/uploads/2016/07/09111344/uac-alert-400x200.jpg)
UAC bypass attack on Windows 10 allows malicious DLL loading
Security researchers Matt Graeber and Matt Nelson have discovered a way to run a malicious DLL on Windows 10 without the User Account Control (UAC) springing into action and …
![BMW ConnectedDrive](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111615/bmw-connected-400x200.jpg)
BMW ConnectedDrive flaws could be misused to tamper with car settings
Security researcher Benjamin Kunz Mejri has found two vulnerabilities in the BMW ConnectedDrive web portal/web application. About the vulnerabilities in BMW ConnectedDrive The …
![Facebook](https://img.helpnetsecurity.com/wp-content/uploads/2015/12/09195531/facebook-wide-400x200.jpg)
How attackers can hijack your Facebook account
Positive Technologies researchers have demonstrated that knowing a user’s phone number and how to exploit a vulnerability in the SS7 network is enough to hijack that …
Featured news
Sponsored
Don't miss
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)