Vulnerabilities & Exploits

The biggest incidents in the first three months of 2015 showed that even the most security-savvy users and organizations are not immune to security threats. See how they affected established security measures in the Trend Micro 2015 1Q Security Roundup.

A flaw that affects iOS devices has been discovered that allows nearby attackers to send apps, and even cause infinite reboot cycles on the iOS devices they run on, rendering them temporarily useless.

WordPress sites have recently been defaced by ISIS sympathizers who exploited known vulnerabilities on WP plug-ins. How can Web admins protect their sites from this type of attack?

Cybercriminals and attackers are increasingly taking advantage of zero-day vulnerabilities because of the window of opportunity they present. Find out what zero-days are, why they’re dangerous, and what you can do to prevent attacks.

Microsoft will be putting the 20 year-old Internet Explorer to rest. With so many Web apps that still reply on older versions of IE, should admins be concerned?

In this video, Trend Micro CTO Raimund Genes discusses how security researchers and software vendors should work together and to stop fueling the industry that buys and sells vulnerability information.

Exploit kits have been around since 2006, and have been continuously evolving to take advantage of vulnerabilities found on popular software. This research paper discusses what exploit kits are, how they work, and how they evolved over time.

We noticed a problematic pattern developing: the increasing use of exploit kits in malvertising. Zero-day exploits are now deployed in malicious ads, instead of first being used in targeted attacks against enterprises and other organizations.

An old flaw that affects TLS/SSL, an authentication protocol used by countless websites and browsers has been discovered that allows cybercriminals to decrypt sensitive information from secure sites.