Vulnerabilities & Exploits
- March 20, 2015In this video, Trend Micro CTO Raimund Genes discusses how security researchers and software vendors should work together and to stop fueling the industry that buys and sells vulnerability information.
- March 16, 2015Exploit kits have been around since 2006, and have been continuously evolving to take advantage of vulnerabilities found on popular software. This research paper discusses what exploit kits are, how they work, and how they evolved over time.
- March 05, 2015An old flaw that affects TLS/SSL, an authentication protocol used by countless websites and browsers has been discovered that allows cybercriminals to decrypt sensitive information from secure sites.
- March 02, 2015Recently, a security researcher disclosed that Seagate’s Network Attached Storage (NAS) unpatched vulnerabilities leaves thousands at risk. Find out what you can do to secure your NAS devices in order to avoid likely attacks.
- February 25, 2015Is it better to focus on defending against attacks that exploit old or new vulnerabilities? It doesn't matter. You can cover both with an IT staff that's both agile and proactive.
- February 24, 2015A new vulnerability was recently found in Samba, the Windows interoperability suite of programs for Linux and Unix. The vulnerability, once successfully exploited, could result in remote code execution, which may possibly compromise a server’s security.
- February 17, 2015Microsoft has enabled a new exploit mitigation mechanism in Windows 10 and 8.1 called Control Flow Guard that makes vulnerabilities more difficult to exploit. This paper takes an in-depth look at its implementation and weaknesses.
- February 13, 2015In a thorough investigation of gas pumps that use the Guardian aboveground storage tanks (AST) monitoring system in the United States, threat researchers Kyle Wilhoit and Stephen Hilt found one particular unit that has been tampered with.
- February 12, 20152014 Annual Security Roundup: 2014 was the year of mega breaches, hard-to-patch vulnerabilities, and thriving cybercriminal underground economies.