Vulnerabilities & Exploits
- May 31, 2019A security researcher, going by the handle SandboxEscaper, published an exploit code for a zero-day vulnerability in Windows' Task Scheduler utility. Here's what you need to know.
- May 29, 2019Almost a million systems are reportedly vulnerable to BlueKeep (CVE-2019-0708), a critical vulnerability in remote desktop services. Here are some best practices that can help defend against threats that may exploit it.
- May 15, 2019Researchers reported new side-channel attacks — ZombieLoad, Fallout, and Rogue In-Flight Data Load (RIDL) — that can leak data being processed by vulnerable Intel processors. Here's what you need to know.
- May 10, 2019Threat actors were found exploiting CVE-2018-1000861, a vulnerability in the Stapler web framework that is used by the Apache Jenkins open-source software development automation server with versions 2.153 and earlier.
- April 05, 2019Attackers can exploit a vulnerability in Apache HTTP server to gain elevated privileges and complete control of a target machine.
- April 04, 2019Trend Micro researchers uncovered a new variant of the notorious Mirai malware that uses multiple exploits to target various routers and internet-of-things devices.
- April 04, 2019A year after a potentially critical vulnerability (CVE-2018-1002100) was found and patched in the popular open-source container orchestration system and DevOps tool Kubernetes, researchers discovered that the vulnerability can still be exploited.
- March 12, 2019Popular open-source DevOps automation software StackStorm was reported to have a critical vulnerability that could allow remote attackers to perform arbitrary commands on targeted servers.
- March 11, 2019Security researchers uncovered vulnerabilities in third-party car alarms managed via their mobile applications, affecting around 3 million cars. Here's what you need to know.