Tag: vulnerabilities

December 20, 2018

Microsoft has issued an emergency update that fixes a critical Internet Explorer vulnerability that attackers are actively exploiting on the Internet. The memory-corruption flaw allows attackers to remotely execute malicious code when computers use IE to visit a booby-trapped website, […]

August 21, 2018

News that the US will hold a new round of trade talks with China in late August has provided media with the opportunity to analyze and sum up the issues that have appeared since negotiations broke down earlier this year. […]

June 7, 2018

More than 115,000 websites—many run by major universities, government organizations, and media companies—remained wide open to hacker takeovers because they hadn’t installed critical patches released 10 weeks ago, security researcher Troy Mursch said Monday. A separate researcher reported on Tuesday […]

October 16, 2017

An air of unease set into the security circles on Sunday as they prepared for the disclosure of high-severity vulnerabilities in the Wi-Fi Protected Access II protocol that make it possible for attackers to eavesdrop Wi-Fi traffic passing between computers […]

September 28, 2017

There’s a bug in the latest version of Internet Explorer that leaks the addresses, search terms, or any other text typed into the address bar. The bug allows any currently visited website to view any text entered into the address […]

September 12, 2017

Over the past decade, Bluetooth has become almost the default way for billions of devices to exchange data over short distances, allowing PCs and tablets to transfer audio to speakers and phones to zap pictures to nearby computers. Now, researchers […]

June 27, 2017

Microsoft recently patched a critical vulnerability in its ubiquitous built-in antivirus engine. The vulnerability could have allowed attackers to execute malicious code by luring users to a booby-trapped website or attaching a booby-trapped file to an e-mail or instant message. […]

June 8, 2017

Security cameras manufactured by China-based Foscam are vulnerable to remote take-over hacks that allow attackers to view video feeds, download stored files, and possibly compromise other devices connected to a local network. That’s according to a 12-page report released Wednesday […]

June 2, 2017

When determining whether or not to disclose discovered vulnerabilities, the implications for the American economy, not national security, should be the leading priority, a former cybersecurity advisor to Presidents George W. Bush and Barack Obama contends. Currently, the Vulnerabilities Equities […]

May 31, 2017

The mysterious group that over the past nine months has leaked millions of dollars’ worth of advanced hacking tools developed by the National Security Agency said Tuesday it will release a new batch of tools to individuals who pay a […]

May 22, 2017

Eight days ago, the WCry ransomware worm attacked more than 200,000 computers in 150 countries. The outbreak prompted infected hospitals to turn away patients and shut down computers in banks and telecoms. Now that researchers have had time to analyze […]

May 18, 2017

After learning that one of its most prized hacking tools was stolen by a mysterious group calling itself the Shadow Brokers, National Security Agency officials warned Microsoft of the critical Windows vulnerability the tool exploited, according to a report published […]

May 10, 2017

Cisco Systems has patched a critical flaw that even novice hackers could exploit using Central Intelligence Agency attack tools that were recently leaked to the Internet. As previously reported, the zero-day exploit allowed attackers to issue commands that remotely execute […]

April 13, 2017

A critical Microsoft Word zero-day that was actively exploited for months connected two strange bedfellows, including government-sponsored hackers spying on Russian targets and financially motivated crooks pushing crimeware. That assessment, made Wednesday with “moderate confidence” from researchers at security firm […]

April 10, 2017

There’s a new zeroday attack in the wild that’s surreptitiously installing malware on fully-patched computers. It does so by exploiting a vulnerability in most or all versions of Microsoft Word. The attack starts with an e-mail that attaches a malicious […]

April 6, 2017

A broad array of Android phones is vulnerable to attacks that use booby-trapped Wi-Fi signals to achieve full device takeover, a researcher has demonstrated. The vulnerability resides in a widely used Wi-Fi chipset manufactured by Broadcom and used in both […]

March 28, 2017

The internet of things isn’t an enemy of critical infrastructure, according to the new head of the Department of Homeland Security Science & Technology Directorate. Use of connected devices has exploded across critical infrastructure industries, resident in everything from industrial […]

March 9, 2017

In a string of attacks that has escalated over the past 48 hours, hackers are actively exploiting a critical vulnerability that allows them to take almost complete control of Web servers used by banks, government agencies, and large Internet companies. […]

February 15, 2017

For a decade, every major operating system has relied on a technique known as address space layout randomization to provide a first line of defense against malware attacks. By randomizing the computer memory locations where application code and data are […]

February 8, 2017

Two years ago, researchers at Moscow-based Kaspersky Lab discovered their corporate network was infected with malware that was unlike anything they had ever seen. Virtually all of the malware resided solely in the memory of the compromised computers, a feat […]