Exploits

Earlier this year, a PoC malware that could infect Apple Macs through a Thunderbolt accessory was introduced. The sequel to the “Thunderstrike“ exploit doesn’t need physical access and can now be delivered online—just like PC threats.

E-commerce sites have become prime targets for data thieves. The most recent incident involved Magento, eBay’s e-commerce platform.

Details on the programming languages that gets exploited the most, the reasons behind the numbers, and the downsides of using "popular" software.

The biggest incidents in the first three months of 2015 showed that even the most security-savvy users and organizations are not immune to security threats. See how they affected established security measures in the Trend Micro 2015 1Q Security Roundup.

A flaw that affects iOS devices has been discovered that allows nearby attackers to send apps, and even cause infinite reboot cycles on the iOS devices they run on, rendering them temporarily useless.

WordPress sites have recently been defaced by ISIS sympathizers who exploited known vulnerabilities on WP plug-ins. How can Web admins protect their sites from this type of attack?

Cybercriminals and attackers are increasingly taking advantage of zero-day vulnerabilities because of the window of opportunity they present. Find out what zero-days are, why they’re dangerous, and what you can do to prevent attacks.

Exploit kits have been around since 2006, and have been continuously evolving to take advantage of vulnerabilities found on popular software. This research paper discusses what exploit kits are, how they work, and how they evolved over time.

2014 Annual Security Roundup: 2014 was the year of mega breaches, hard-to-patch vulnerabilities, and thriving cybercriminal underground economies.