Vulnerabilities & Exploits
- December 03, 2019Researchers discovered a vulnerability in Android devices that allows malware to hijack legitimate apps. Using this vulnerability, cybercriminals could trick users into granting permissions to their malicious apps and provide openings for phishing pages.
- November 19, 2019Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
- November 15, 2019Our latest research explored threats to 5G connectivity — from SIMjacking, identity fraud, fake news, and poisoning machine learning rules to manipulating business decisions — and found that they can be addressed through an identity-based approach to security.
- November 12, 2019There are plans to update the BlueKeep Metasploit exploit after recent investigations revealed that the exploit triggers the blue screen of death in devices. This comes after recent reports of BlueKeep being used to install cryptocurrency miners on vulnerable
- November 06, 2019Details on the proof-of-concept (PoC) exploit for two unpatched, critical remote code execution (RCE) vulnerabilities in the network configuration management utility rConfig have been recently disclosed.
- November 04, 2019Patch now: Two Chrome zero-days were reported, one of them actively exploited in a campaign. Meanwhile, BlueKeep was initially reported seen in the wild to install a malicious Monero miner.
- October 30, 2019Trend Micro’s Zero Day Initiative (ZDI) will bring industrial control system (ICS) hacking into the Pwn2Own competition. The categories will be based on how widely used the system is and the relevance to researchers and the ICS community.
- October 28, 2019Administrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.
- October 24, 2019Researchers recently demonstrated how security issues in Amazon Alexa Google Home devices can be abused to phish and eavesdrop on their owners. Here's what you need to know.