Vulnerabilities & Exploits

Attackers can exploit a vulnerability in Apache HTTP server to gain elevated privileges and complete control of a target machine.

Trend Micro researchers uncovered a new variant of the notorious Mirai malware that uses multiple exploits to target various routers and internet-of-things devices.

A year after a potentially critical vulnerability (CVE-2018-1002100) was found and patched in the popular open-source container orchestration system and DevOps tool Kubernetes, researchers discovered that the vulnerability can still be exploited.

Popular open-source DevOps automation software StackStorm was reported to have a critical vulnerability that could allow remote attackers to perform arbitrary commands on targeted servers.

Security researchers uncovered vulnerabilities in third-party car alarms managed via their mobile applications, affecting around 3 million cars. Here's what you need to know.

We look at the most pervasive information stealers, ransomware, and cryptocurrency-mining malware in the Americas in 2018 and how they highlight the significance of proactive threat detection and incident response capabilities.

We looked back at 2018’s mobile threat landscape to see the possible threats that lie ahead and help users and organizations proactively defend against them.

CVE-2019-5736 is a vulnerability involving the runC runtime component, which is used for container platforms such as Docker and container orchestration platforms such as Kubernetes.

Looking back at the most significant issues of 2018, we saw shifting cybercriminal strategies and lingering security threats. Enterprises faced a multitude of challenges, but careful study of these issues can present opportunities for improvement.