In a security-related incident, a security researcher discovered a bug that allows an attacker to bypass the Uber app's two-factor authentication (2FA) feature.
Cybercriminals are already taking advantage of the news surrounding Meltdown and Spectre. SmokeLoader malware was spotted spreading via a fake patch for the vulnerabilities .
Rockwell Automation released a firmware update for its MicroLogix 1400 programmable logic controllers (PLCs) to resolve a potentially serious vulnerability.
Multiple vulnerabilities and a hard-coded backdoor were discovered in Western Digital’s My Cloud network attached storage (NAS) devices that could allow remote attackers to gain unrestricted root access.
Microsoft, Linux, Google, and Apple started rolling out patches addressing design flaws in processor chips that security researchers named Meltdown and Spectre. What are they, and how can they affect users?
Security researchers at the University of Birmingham found that several banking apps were susceptible to man-in-the-middle (MitM) attacks through a vulnerability in the way they handle encrypted communications, which can let attackers steal credentials.
Several threat actors are actively exploiting CVE-2017-11882 to deliver a plethora of threats, including the information-stealing Loki, Pony/FAREIT, and a lockscreen with a ransom note that resembles Bad Rabbit's.
An attacker or cybercriminal’s toolbox would not be complete without vulnerabilities and exploits. We look back at some of 2017's most egregious security flaws, and their impact users and businesses.