Vulnerabilities & Exploits
- March 23, 2018Security researchers discovered critical zero-day vulnerabilities in some products created by ManageEngine, a software company that creates software designed to manage IT assets.
- March 22, 2018Advanced Micro Devices (AMD) has released a statement following CTS Labs’ discovery of a set of vulnerabilities that affect some of its processors.
- March 20, 2018As environments become progressively interconnected, threats become increasingly complicated. The top security events of the past year make this apparent — and their repercussions make the implementation of smart protections all the more important.
- March 14, 2018A new cryptocurrency-mining operation they named RedisWannaMine was uncovered targeting database and application servers by exploiting the notorious EternalBlue.
- March 13, 2018Security researchers uncovered an attack vector that can enable attackers to circumvent Microsoft’s Code Integrity Guard (CIG) inject malicious libraries into applications.
- March 13, 2018A new research demonstrated a proof-of-concept attack they named “Mosquito,” which can exfiltrate data from online and air-gapped computers using speakers and headphones.
- March 08, 2018Securing the network against any and all kinds of threats (old, new, or otherwise) is every CISO’s goal. We looked at 2017’s biggest threats and compiled advice so CISOs can mitigate risks and secure their companies’ bottom line in 2018.
- March 07, 2018Researchers have discovered a vulnerability in the mail transfer agent (MTA) Exim. If exploited, attackers could execute arbitrary code on vulnerable servers remotely. Exim has already released a patch for this and urges everyone to update immediately.
- March 06, 2018An update of the Spectre attacks called SgxPectre can obtain data from Intel's SGX enclaves, which are supposedly secure repositories for sensitive and valuable data.