Vulnerabilities & Exploits
- September 11, 2017Major events shook the global threat landscape in the first half of 2017. Our midyear security roundup covers the old and the new, from ransomware and BEC scams to potential attacks against industrial robots.
- September 06, 2017A critical Remote Code Execution (RCE) vulnerability was recently discovered in Apache Struts 2, and it has potential to be more damaging than its predecessors, including even the notorious POODLE.
- August 30, 2017Can we fix the lag between patch releases and actual implementation? Current events reveal that patching should be made a definite priority. We provide a guide on how to manage patching for enterprises and large organizations.
- May 30, 2017Cities around the world are getting smarter, but are they being designed with security in mind?
- May 23, 2017A complete discussion of the different vulnerability categories, including case studies of vulnerable SCADA HMIs. The paper also provides a guide for vulnerability researchers, as well as vendors on quick and efficient bug discovery.
- May 23, 2017A new malware called EternalRocks was discovered in late May that uses not only EternalBlue and DoublePulsar—the two National Security Agency (NSA) exploits leaked by the ShadowBrokers hacking group and used by the notorious WannaCry ransomware—but five other
- May 03, 2017The modern world relies heavily on industrial robots. But is the current robotics ecosystem secure enough to withstand a cyber attack?
Compromising Industrial Robots: The Fallacy of Industrial Routers in the Industry 4.0 Ecosystem [blog]May 03, 2017Industrial routers can be used to gain access to robot controllers and other industrial machines. Having them exposed can lead to serious consequences for organizations and businesses.
- April 26, 2017Exploits found in the trove of malware recently leaked by hacking group Shadow Brokers are reportedly being used to install ransomware and backdoor. Are your systems protected?