Vulnerabilities & Exploits

Metasploit has published an exploit for the BlueKeep vulnerability (CVE-2019-0708), a much-discussed critical weakness that affects older versions of Microsoft Windows. The "wormability" of BlueKeep makes it dangerous, and id successfully exploited,

Our midyear security roundup highlights threats that made their mark in the first half of 2019, and provides security insights to help users and organizations determine the right solutions and defense strategies against them.

A look into the cybersecurity risks surrounding critical infrastructures integrated with industrial internet of things (IIoT), and the recommendations to mitigate against these threats.

Another Mirai offshoot spotted: A variant of the Echobot botnet was found using over 50 exploits that lead to remote code execution (RCE), arbitrary command execution, and command injection in internet of things (IoT) devices.

There’s a new player in the exploit kit landscape. Dubbed Lord, this new exploit kit was initially seen delivering the njRAT malwarebefore distributing the Eris ransomware. Here's what you need to know about this threat.

Small planes were found vulnerable to attacks through their CAN bus components. DHS released a security advisory for owners and manufacturers to take steps against possible exploits.

Sophisticated software has helped industries grow and thrive in unmatched ways, but there are also risks and consequences that come with new technology.

The different threat scenarios that can happen to a smart home illustrate that compromised IoT devices can affect not just users' comfort and convenience but also their safety.

Hackers use fileless threats to take advantage of existing applications and attack systems. Here we discuss noteworthy events, techniques, and best practices that can help identify fileless threats and defend against attacks.