Vulnerabilities & Exploits
- October 15, 2014A new zero-day exploit that reportedly targets a military organization welcomes Patch Tuesday announcements as Microsoft announces a previously unknown vulnerability on Windows systems. (Update: Patch for "Sandworm" vulnerability has been released.)
- October 15, 2014The breach of investment banking firm JP Morgan Chase has caused the leak of one of the largest number of records to date, reportedly affecting an estimated 76 million households and 7 million small businesses.
- October 14, 2014Microsoft has announced the discovery of a zero-day vulnerability affecting all supported versions of Microsoft Windows and Windows Server 2008 and 2012 that is being used in attacks against NATO and several European industries and sectors.
- September 28, 2014It seems like the floodgates have truly opened for Shellshock-related attacks. Another exploit attack has been detected, targeting a financial institution in China.
- September 26, 2014Shellshock update: more attacks that exploit the Shellshock vulnerability have been detected, including exploit attempts in Brazil that seem to be targeting government institutions.
- September 26, 2014There are new reports that mention incidents of botnet attacks that leveraged Shellshock against certain institutions. A botnet is a network of infected computers/systems.
- September 26, 2014Shortly after the Bash vulnerability known as Shellshock was discovered, we've seen attacks using it to deliver DDoS malware onto Linux systems. Bigger, badder attacks are to be expected. What are some of the other potential scenarios?
- September 26, 2014Another existing widespread vulnerability known as Shellshock has been found, threatening to compromise millions of systems, servers and devices. What is it, who is affected, and what can you do?
- September 25, 2014The Bash vulnerability was reportedly already being exploited in the wild, only several hours after news first broke out. At least one sampled malware is capable of launching distributed denial-of-service (DDoS) attacks.