Vulnerabilities

CryptoShield Infections from RIG EK Picking Up

Researchers have spotted an increase in CryptoShield ransomware infections coming from the RIG Exploit Kit used by EITest delivery campaigns.

Dino Dai Zovi on Securing Linux in Modern Workloads

Security researcher Dino Dai Zovi talks about a new company he cofounded called Capsule8 that will help IT organizations counter threats to Linux infrastructures.

Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability

A vulnerability in Common Internet...

Fileless Memory-Based Malware Plagues 140 Banks, Enterprises

Attackers have been using fileless malware to hide in the memory of enterprises, steal data, and vanish without a trace.

Valve Patches Trivial XSS Bug in Steam

A cross-site scripting vulnerability on the Steam gaming platform has been patched.The flaw could be exploited by simply viewing a crafted profile.

VU#745607: Accellion FTP server contains information exposure and cross-site scripting vulnerabilities

Vulnerability Note VU#745607 Accellion FTP server contains information exposure and cross-site scripting vulnerabilities Original Release date: 08 Feb 2017 | Last revised: 08 Feb...

Uber Debuts SSH Key Authentication Module

Developers at Uber have unveiled a new module to help users enable the continuous re-authentication of SSH keys.

Consortium Publishes Manifesto on Autonomous Vehicle Security

A new industry consortium publishes a manifesto it hopes will foster cooperation on the security of autonomous vehicles.

Macro Malware Comes to macOS

Cybercriminals have developed macro malware for the macOS, the first time this technique has been spotted on the Apple platform.

Attackers Capitalizing on Unpatched WordPress Sites

WordPress sites slow to update to the recent 4.7.2 security release run the risk of falling victim to a handful of defacement attacks spotted...

Popular iOS Apps Vulnerable to TLS Interception Attacks

More than 70 iOS apps are vulnerable to man-in-the-middle attacks where TLS connections can be intercepted and sensitive data stolen.

Smart TV Manufacturer Vizio Fined $2.2M for Tracking Customers

Smart TV manufacturer Vizio settled with the FTC on Monday over charges the company collected data on 11 million consumer TVs.