Vulnerabilities & Exploits
- December 11, 2017Security researchers at the University of Birmingham found that several banking apps were susceptible to man-in-the-middle (MitM) attacks through a vulnerability in the way they handle encrypted communications, which can let attackers steal credentials.
- December 08, 2017Several threat actors are actively exploiting CVE-2017-11882 to deliver a plethora of threats, including the information-stealing Loki, Pony/FAREIT, and a lockscreen with a ransom note that resembles Bad Rabbit's.
- December 06, 2017An attacker or cybercriminal’s toolbox would not be complete without vulnerabilities and exploits. We look back at some of 2017's most egregious security flaws, and their impact users and businesses.
- December 06, 2017A collection of vulnerabilities dubbed Mailsploit has put numerous users of popular mail clients at risk. The vulnerabilities allow attackers to spoof practically any email undetected.
- November 29, 2017Apple released a quick workaround for a bug that allows malicious actors to bypass the security of the macOS High Sierra 10.13 operating system and take full control of the computer.
- November 28, 2017Western European, UK, French, German, and US cities exposed. Are your connected devices searchable on the internet? Find out what you are risking.
- November 23, 2017Just in time for Black Friday: AliExpress was found to have a vulnerability that could have allowed attackers to display a fake coupon designed to phish sensitive information from shoppers.
- November 21, 2017Intel has released a security advisory on November 20 after discovering vulnerabilities in its remote administrative feature called the Management Engine (ME), along with the Server Platform Services (SPS) and the Trusted Execution Engine (TXE).
- November 02, 2017Oracle released an emergency fix for a highly critical vulnerability found in its widely-used enterprise identity management system that allows an attacker to access enterprise software remotely without authentication.