Vulnerabilities & Exploits
- October 17, 2017Adobe has released an emergency security update addressing a zero-day vulnerability (CVE-2017-11292) that researchers found actively exploited by a group of threat actors known as BlackOasis.
- October 16, 2017Several vulnerabilities were identified in the WPA2 protocol, which can reportedly expose Wi-Fi-enabled/wireless devices to KRACK, an exploit that compromises WPA2’s encryption mechanism.
- October 16, 2017Electronics designer Tom Wimmenhove recently uncovered a vulnerability in the key fob system that Subaru uses for several of its vehicles, which can enable hackers to hijack the car.
- October 12, 2017Of all the potential horror stories that dissuade users from adopting Internet of Things (IoT) devices, one of the most common is the unauthorized monitoring of their private lives.
- October 09, 2017Siemens recently issued an update that addresses a vulnerability found in one of their measuring devices that could potentially allow an attacker to bypass built-in authentication measures and take control of the machine.
- October 05, 2017Vulnerabilities in Apache Tomcat, which is deemed as the world's most widely used web application server used in over 70 percent of enterprise data centers, were uncovered.
- October 03, 2017A fake Wordpress plugin containing a backdoor and three zero-day vulnerabilities—all affecting the high-profile blogging platform WordPress—were recently discovered.
- September 27, 2017A security researcher found a remote code execution exploit that can potentially take over a range of devices with Broadcom Wi-Fi chips. The exploit is rooted in a vulnerability with the chip's firmware, similar to the Broadpwn exploit.
- September 19, 2017As we discover more details about the Equifax breach, other organizations can start improving their own data management and protection policies.