- 28 Oktober 2019Administrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.
- 18 Oktober 2019In 2017, EternalBlue was the driving force behind one of the nastiest ransomware outbreaks on record. And despite available fixes, it is still being used by malware today—from ransomware to widespread cryptocurrency miners.
- 02 Oktober 2019A zero-day attack exploits an unpatched vulnerability. Until a patch becomes available, it is often a race between threat actors trying to exploit the flaw and vendors or developers rolling out a patch to fix it.
- 09 September 2019Metasploit has published an exploit for the BlueKeep vulnerability (CVE-2019-0708), a much-discussed critical weakness that affects older versions of Microsoft Windows. The "wormability" of BlueKeep makes it dangerous, and id successfully exploited,
- 08 August 2019Another Mirai offshoot spotted: A variant of the Echobot botnet was found using over 50 exploits that lead to remote code execution (RCE), arbitrary command execution, and command injection in internet of things (IoT) devices.
- 06 August 2019There’s a new player in the exploit kit landscape. Dubbed Lord, this new exploit kit was initially seen delivering the njRAT malwarebefore distributing the Eris ransomware. Here's what you need to know about this threat.
- 30 Juli 2019The different threat scenarios that can happen to a smart home illustrate that compromised IoT devices can affect not just users' comfort and convenience but also their safety.
- 29 Juli 2019Hacker setzen auf dateilose Bedrohungen, um vorhandene Anwendungen auszunutzen und Systeme anzugreifen.
- 23 Juli 2019The US Department of Education released a security advisory on ERP vulnerabilities after 62 institutions were infiltrated, stealing students' IDs to create fake accounts.