exploits

During a cyberattack in Hong Kong, LightSpy spyware infected the iPhones of people visiting counterfeit news sites.

A Chrome vulnerability already exploited by attackers gets patched. We recommend updating your browser right now.

Some say you can get malware on your iPhone simply by visiting a dangerous Web page. We examine the rumor to get at the truth.

A newly discovered vulnerability allows hackers to eavesdrop on WhatsApp users, read their chats, and install spyware just by calling them. Update the app now!

A new strain of Mirai is equipped with a much wider range of exploits, including some targeted at enterprise-class IoT devices.

Is it possible to exploit a “theoretical” vulnerability?

Embedded systems demand special protection from infections similar to WannaCry.

By now, everyone has heard about the WannaCry ransomware attack. So far we have two posts about it: one with a general overview of what happened, and another with advice

How businesses can stop the WannaCry outbreak.

The threat landscape is always evolving. How can you protect your business?

The first zero-day exploit for InPage text processor had been used in attacks on Asian banks.

It can be tempting to disregard software update notifications. Everything seems to be working fine. Sometimes programs behave oddly or crash after an update. And by the way, you have

A new APT group is seen to have been exploiting hotpatching, a now-deprecated feature in Windows operating systems, to carry out their attacks.

Microsoft has just patched a zeroday vulnerability in its Silverlight web multimedia technology, which was investigated by Kaspersky Lab.

Threatpost had a story last week describing a disruption of a large ransomware campaign connected to the Angler exploit kit. Experts from Cisco’s Talos security group “effectively nillified 50 percent of the exploit kit’s activity”.

The BlueTermite APT campaign is rather new and extremely persistent. Here’s why.

Researchers compete at finding security holes in infotainment systems of connected cars and breaking in. The new case proves that Tesla does care a lot about security at wheel.

Security experts often mention exploits as one of the most serious problems, although it’s not always clear why exploits are so special and scary. We’ll try to explain here.

It’s up to the manufacturers to change the approach to designing modern hi-tech equipment. As we have written before, security should come first. It must be taken in account at the design level, not added later.

If it is not possible to get rid of a risky software for some reason, it is better to exist in a “presumption of guilt” mode, with an efficient security solution keeping it in check and preventing exploits from successful attacks, targeted ones included.

Taking over a Jeep Cherokee driving at speed 70 mph at a remote highway is quite real.