Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
-
News
15 Nov 2024
Palo Alto Networks PAN-OS management interfaces under attack
Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week.
By Alexander Culafi, Senior News Writer
-
News
14 Nov 2024
Infoblox: 800,000 domains vulnerable to hijacking attack
While the 'Sitting Ducks' attack vector continues to pose a problem, Infoblox says domain registrars, DNS providers and government bodies remain inactive.
By Arielle Waldman, News Writer
-
Blog Post
03 May 2018
Cybersecurity pervasiveness subsumes all security concerns
Given the increased digitization of society and explosion of devices generating data (including retail, social media, search, mobile, and the internet of things), it seems like it might have been ...
By Michael Heller, TechTarget
-
Answer
03 May 2018
IoT botnets: How are new Mirai variants impacting systems?
An increase in IoT botnets has been seen since the Mirai malware source code was leaked. Learn how the new variants pose a serious threat to IoT devices with Michael Cobb.
-
Answer
02 May 2018
How were Android Pixel vulnerabilities exploited?
Android Pixel vulnerabilities could open the smartphone up to attack. Expert Michael Cobb explains the vulnerabilities and how to defend against them.
-
News
30 Apr 2018
Windows NTFS flaw posted after disclosure gets nowhere
Proof-of-concept code showing how an NTFS flaw can shut down Windows systems was published by a security researcher nine months after he disclosed it to Microsoft.
By Peter Loshin, Former Senior Technology Editor
-
News
30 Apr 2018
Phishing threats still dwarf vulnerabilities, zero-days
Proofpoint research shows that while phishing attacks now require victims to take more steps, the success rate for such attacks hasn't declined and enterprises are still on the defensive.
By Rob Wright, Senior News Director
-
News
27 Apr 2018
DDoS-for-hire website taken down by law enforcement
Webstresser.org, a popular DDoS-for-hire website, was taken down by several law enforcement agencies across the globe. Details are sparse, but arrests have reportedly been made.
By Madelyn Bacon, TechTarget
-
News
27 Apr 2018
Microsoft releases Spectre variant 2 microcode patches
Microsoft released new fixes that include the Intel microcode patches for Spectre variant 2 to help protect users on Windows 10 and Windows Server 2016.
By Michael Heller, TechTarget
-
Guide
27 Apr 2018
How air gap attacks challenge the notion of secure networks
Today's cyberattacks are taking new shapes and sizes in the ever-changing tech environment. This guide explores air gap attacks, the history behind them and the latest threats facing air-gapped networks.
-
News
26 Apr 2018
SecureWorks warns of business email compromise campaign
SecureWorks researchers uncovered an extensive business email compromise campaign targeting the maritime shipping industry, which may have cost organizations millions of dollars.
By Rob Wright, Senior News Director
-
News
25 Apr 2018
BGP routing security flaw caused Amazon Route 53 incident
A BGP routing security flaw enabled unknown threat actors to steal cryptocurrency by hijacking internet routing and rerouting traffic to a phishing site in Russia.
By Peter Loshin, Former Senior Technology Editor
-
Blog Post
19 Apr 2018
CrowdStrike unveils Meltdown exploit in unusual fashion
At RSA Conference 2018, CrowdStrike demonstrated a new Meltdown exploit that can harvest sensitive data such as passwords even on systems that are patched.
By Rob Wright, Senior News Director
-
News
19 Apr 2018
Passive DNS techniques can reduce DNS abuse
Presenting at RSAC 2018, Farsight Security's Merike Kaeo explains how defenders can adopt passive techniques to reduce DNS abuse and stop attacks before they happen.
By Peter Loshin, Former Senior Technology Editor
-
News
18 Apr 2018
Paul Kocher weighs in on Spectre flaws, vulnerability disclosure
At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled.
By Rob Wright, Senior News Director
-
News
17 Apr 2018
RSAC keynote speakers push teamwork, incremental improvements
The RSAC keynote speakers pushed a unified idea of collaboration across public and private sectors, improved teamwork and the value of incremental improvements in cybersecurity.
By Michael Heller, TechTarget
-
News
17 Apr 2018
Microsoft's Brad Smith urges action on nation-state cyberthreats
At RSA Conference 2018, Microsoft President Brad Smith warned of nation-state cyberattacks and called on governments and the private sector to do more to address them.
By Rob Wright, Senior News Director
-
News
16 Apr 2018
Nuix hacker survey shows how easy it is to breach perimeters
The second annual Black Report -- a hacker survey aimed at getting a different perspective on cybersecurity -- detailed how long it takes to breach a perimeter and what attacks are easiest.
By Michael Heller, TechTarget
-
News
12 Apr 2018
Cryptojacking attacks may not challenge ransomware dominance
Cryptojacking attacks are on the rise, but experts are unsure if the threat can overtake the malware dominance of ransomware due to regulatory and profit questions.
By Michael Heller, TechTarget
-
News
06 Apr 2018
Pipeline cyberattack shuts down natural gas company communications
News roundup: A pipeline cyberattack shut down communications for several U.S. natural gas providers. Plus, Facebook removed accounts and pages run by the Russian IRA, and more.
By Madelyn Bacon, TechTarget
-
E-Zine
03 Apr 2018
Cloud security threats in 2018: Get ahead of the storm
Consistent security for all data from cloud providers and third-party partners is what many consider the next evolution of cloud. The biggest cloud security threats for most companies, however, result from in-house staff mistakes, lack of patching and misconfiguration.
Even when the risks associated with cloud security threats are high, the cost benefits to organizations outweigh the risks. Enterprise spending for public cloud services worldwide is expected to reach $160 billion in 2018, according to the International Data Corporation. Software as a service still has the highest growth, followed by infrastructure as a service and platform as a service. Many technology platforms take advantage of public cloud security features, but large-scale clouds don't always mean large-scale threat protection. What cloud security threats should you watch out for in 2018?
"It seems like there's a lot of money to be made in cryptocurrency, and it is so much easier to attack [the internet of things] with Linux malware," said Mounir Hahad, head of threat research at Juniper Networks.
Botnets increasingly pose cloud security threats, powering distributed denial of service, ransomware and other crippling attacks. Ransomware remains one of the most lucrative attacks for cybercriminals, who can easily find ransomware kits online. In this issue of Information Security magazine, we look at cloud security in 2018 and strategies to protect sensitive data from internal and external threats.
-
Opinion
03 Apr 2018
Marcus Ranum decodes hardware vulnerabilities with Joe Grand
Computer hardware designs with dangerous security flaws? That's no surprise to renowned hardware hacker Grand.
- 30 Mar 2018
-
Tip
27 Mar 2018
Emotet Trojan: How to defend against fileless attacks
An increase in fileless malware, including PowerShell malware, was reported in McAfee Labs' December 2017 Threat Report. Discover how enterprises can defend against fileless attacks.
-
Answer
27 Mar 2018
How can a Moxa MXview vulnerability be exploited by hackers?
A vulnerability was found in Moxa MXview -- software used to visualize network devices and physical connections. Learn how this vulnerability can enable privilege escalation.
-
News
16 Mar 2018
Russian government hacking earns U.S. sanctions, warnings
The U.S. Treasury Department levied sanctions for Russian government hacking, as a joint alert from the FBI and DHS confirms election meddling and critical infrastructure attacks.
By Michael Heller, TechTarget
-
News
16 Mar 2018
Leaked report on AMD chip flaws raises ethical disclosure questions
Researchers announced AMD chip flaws without the coordinated disclosure procedure, and a leak of the research to a short seller has raised further suspicions about the process.
By Michael Heller, TechTarget
-
Answer
16 Mar 2018
AIR-Jumper: How can security camera lights transmit data?
Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to prevent it with expert Nick Lewis.
-
Answer
15 Mar 2018
Com.google.provision virus: How does it attack Android devices?
The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common Malware Enumeration may help.
-
News
13 Mar 2018
Researchers claim AMD flaws threaten Ryzen, EPYC chips
Ryzen and EPYC AMD flaws were partially detailed with just 24 hours' disclosure notice, despite potentially significant exploits, including secure processor takeover or security bypass.
By Michael Heller, TechTarget
-
Answer
13 Mar 2018
CCleaner malware: How dangerous is it to enterprises?
A watering hole attack led to CCleaner malware being installed on millions of systems. Nick Lewis explains how the attack worked and why it should concern enterprises.
-
News
12 Mar 2018
Olympic Destroyer was a false flag cyberattack, research claims
New research claims Olympic Destroyer was not the work of the North Korea-backed Lazarus Group; rather, it was a false flag cyberattack designed to mislead attribution efforts.
By Michael Heller, TechTarget
-
Answer
12 Mar 2018
ExpensiveWall malware: How does this SMS attack function?
A new SMS malware known as ExpensiveWall was recently discovered by Check Point. Learn how it infects devices and puts Android device users at risk with expert Nick Lewis.
-
News
08 Mar 2018
NSA tracking program watched foreign hackers in action
Researchers discovered evidence of an NSA tracking program designed to watch nation-state hackers and gather information as attacks were in progress.
By Michael Heller, TechTarget
-
Answer
07 Mar 2018
How can users deal with app trackers that collect customer data?
App trackers were found in hundreds of Google Play apps. Expert Michael Cobb explains the threat they pose and how GDPR has the potential to reduce the risk.
-
News
06 Mar 2018
Terabit DDoS attack hits 1.7Tbps and experts expect higher
Five days after a record-breaking terabit DDoS attack, a new 1.7Tbps DDoS attack was detected taking advantage of improperly secured memcached servers to launch a reflection attack.
By Michael Heller, TechTarget
-
Answer
01 Mar 2018
Search engine poisoning: How are poisoned results detected?
Poisoned search results have spread the Zeus Panda banking Trojan throughout Google. Learn what this means, how search engine poisoning works and what can be done to stop it.
-
Answer
28 Feb 2018
Fileless malware: What tools can jeopardize your system?
A report from CrowdStrike highlights the growth of malware-less attacks using certain command-line tools. Learn how to handle these growing attacks with Matt Pascucci.
-
News
27 Feb 2018
Ad network cryptojacking attack bypasses ad blockers
Qihoo 360's Netlab team discovered an online ad network has been bypassing ad blockers and running cryptomining software in the browsers of unsuspecting visitors.
By Rob Wright, Senior News Director
-
News
23 Feb 2018
Hackers used SWIFT-based attacks to steal millions from banks
News roundup: Hackers once again used SWIFT-based attacks to steal millions from Russian and Indian banks. Plus, hackers used an L.A. Times website for cryptojacking, and more.
By Madelyn Bacon, TechTarget
-
Answer
22 Feb 2018
Typosquatting: How did threat actors access NPM libraries?
Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it means for users.
-
News
21 Feb 2018
Cryptojacking attacks hit enterprises' cloud servers
Cloud security vendor RedLock discovered threat actors had gained access to several enterprise cloud environments, including Tesla's, and used them for cryptojacking schemes.
By Rob Wright, Senior News Director
-
Podcast
21 Feb 2018
Risk & Repeat: Intel bug bounty tackles side channel attacks
In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre.
By Rob Wright, Senior News Director
-
Answer
21 Feb 2018
How are tech support scams using phishing emails?
Threat actors are using phishing email campaigns to fool users with tech support scams and fake Blue Screens of Death. Learn how these campaigns work with expert Nick Lewis.
-
Tip
20 Feb 2018
Protecting safety instrumented systems from malware attacks
Trisis malware targets safety instrumented systems and puts industrial control systems at risk. Expert Ernie Hayden reviews what to know about SIS and its security measures.
By Ernie Hayden, 443 Consulting LLC
-
News
16 Feb 2018
Olympic Destroyer malware more complex than first thought
News roundup: The Olympic Destroyer malware is more sophisticated than researchers first thought. Plus, Microsoft looks to change identity management with blockchain, and more.
By Madelyn Bacon, TechTarget
-
Answer
16 Feb 2018
What can be done to prevent a swatting attack?
A swatting attack resulted in the death of a Kansas man. Expert Judith Myerson looks at the technology these attacks use and what can be done to make sure they don't happen again.
-
News
14 Feb 2018
Zero-day Telegram vulnerability exploited for cryptomining
Kaspersky Lab disclosed a zero-day vulnerability in Telegram that the security vendor says was abused by Russian cybercriminals in a cryptomining malware campaign.
By Rob Wright, Senior News Director
-
Answer
14 Feb 2018
What can enterprises do to prevent an IoT botnet attack?
An IoT botnet attack on Huawei home routers showed similarities to the Mirai malware. Expert Judith Myerson explains the threat and how enterprises can protect themselves.
-
Tip
13 Feb 2018
What enterprises need to know about ransomware attacks
Ransomware attacks on enterprises are often the result of a company's poor IT hygiene. Expert Joe Granneman looks at attacks like those by WannaCry and SamSam ransomware.
By Joseph Granneman, Illumination.io
-
Tip
08 Feb 2018
Mobile security issues require a unified approach
Security gaps in mobile devices can be many and varied, but they must be addressed immediately. Unified endpoint management is the next-gen way to close the gaps.
By Kevin Beaver, Principle Logic, LLC
-
Tip
08 Feb 2018
Counter mobile device security threats with unified tools
Attacks on enterprise mobile endpoints are more lethal than ever. To help infosec pros fight back, enterprise mobile management has unified to fortify defenses.
By Kevin Beaver, Principle Logic, LLC
-
Podcast
07 Feb 2018
Risk & Repeat: Cryptomining malware on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the threat of cryptomining malware is evolving and what it means for enterprises and infosec vendors.
By Rob Wright, Senior News Director
-
News
05 Feb 2018
Cryptojacking malware using EternalBlue to build botnets
Proofpoint researchers discovered a large Monero mining botnet that uses EternalBlue to spread, and it isn't the first time the Windows flaw has been used for cryptojacking.
By Rob Wright, Senior News Director
-
News
02 Feb 2018
Hackers use ATM jackpotting technique to steal $1M in US
News roundup: Hackers used ATM jackpotting attacks to steal over $1M in the U.S. Plus, a fitness tracking app accidentally exposed the locations of military bases, and more.
By Madelyn Bacon, TechTarget
-
Answer
02 Feb 2018
NotPetya malware: How does it detect security products?
Bitdefender discovered that the NotPetya malware changes its behavior when Kaspersky security products are detected. Nick Lewis explains how the malware's tricks work.
-
News
01 Feb 2018
Meltdown and Spectre malware discovered in the wild
Nearly 140 samples of malware that exploit the Meltdown and Spectre vulnerabilities have been discovered by AV-TEST, but most samples are based on existing proof-of-concept code.
By Rob Wright, Senior News Director
-
Answer
31 Jan 2018
RSA-1024 keys: How does a Libgcrypt vulnerability expose them?
A Libgcrypt vulnerability could allow attackers to recover private RSA-1024 keys, as it allows a left-to-right sliding window that shows how specific parts of the algorithm work.
-
Answer
30 Jan 2018
CopyCat malware: How does this Android threat operate?
Check Point researchers discovered new Android malware named CopyCat, which has infected 14 million devices. Learn how this malware works and how it spread from expert Nick Lewis.
-
Answer
26 Jan 2018
How does credential stuffing enable account takeover attacks?
Credential stuffing activity is outpacing the growth of other cyberattacks and enabling account takeover attacks. Akamai Technologies' Patrick Sullivan explains the threat.
By Patrick Sullivan
-
Guide
25 Jan 2018
Containing ransomware outbreaks now a top infosec priority
Prepping for and dealing with an outbreak of ransomware is the IT version of the flu shot. Learn how to protect company systems and data from these potentially deadly infections.
-
News
19 Jan 2018
Trisis ICS malware was publicly available after attack
The Trisis ICS malware used in a cyberattack on an oil and gas company in Saudi Arabia in December has been publicly available for weeks after being copied by unknown actors.
By Michael Heller, TechTarget
-
Blog Post
18 Jan 2018
The strange case of the 'HP backdoor' in Lenovo switches
Lenovo's discovery of an authentication bypass, literally titled "HP backdoor," within its networking switches brings unsettling implications for the IT industry.
By Rob Wright, Senior News Director
-
News
12 Jan 2018
AMD backtracks on Spectre vulnerabilities, plans microcode updates
AMD initially believed the Spectre vulnerabilities posed "near zero risk" to its chip, but the company this week reversed course and is planning microcode updates for its products.
By Rob Wright, Senior News Director
-
News
12 Jan 2018
Fancy Bears hackers target International Olympic Committee
News roundup: The hacking group called Fancy Bears claims to have hacked the Olympics again. Plus, a former NSA contractor pleads guilty to stealing government data, and more.
By Madelyn Bacon, TechTarget
-
Answer
12 Jan 2018
What went wrong with the Dirty COW vulnerability patch?
A patch was issued for the Dirty COW vulnerability, but researchers later discovered problems with the patch. Expert Judith Myerson explains what went wrong.
-
Podcast
11 Jan 2018
Risk & Repeat: Meltdown and Spectre vulnerabilities shake industry
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the discovery of the Meltdown and Spectre vulnerabilities and their effect on information security.
By Rob Wright, Senior News Director
-
Blog Post
09 Jan 2018
Intel keynote misses the mark on Meltdown and Spectre vulnerabilities
With CEO Brian Krzanich's keynote at the 2018 Consumer Electronics Show, Intel missed an opportunity for the Meltdown and Spectre vulnerabilities.
By Rob Wright, Senior News Director
-
News
03 Jan 2018
Intel CPU flaw gets third-party patch but no details
Release of a third-party patch for a mysterious Intel CPU flaw led to many questions but few answers, and details on the issue may not be imminent.
By Michael Heller, TechTarget
-
News
27 Dec 2017
North Korea's Lazarus Group sets sights on cryptocurrency
Researchers believe North Korean nation-state hackers from the Lazarus Group are targeting cryptocurrency exchanges and owners in a wave of financially motivated attacks.
By Rob Wright, Senior News Director
-
Definition
26 Dec 2017
polymorphic virus
A polymorphic virus is a harmful, destructive or intrusive type of malware that can change or 'morph,' making it difficult to detect with antimalware programs.
By Rob Wright, Senior News Director
-
News
22 Dec 2017
Cryptocurrency exchanges increasingly targeted by cyberattacks
News roundup: Cryptocurrency exchanges are folding because of targeted cyberattacks. Plus, five hackers were arrested in connection with international ransomware attacks, and more.
By Madelyn Bacon, TechTarget
-
Podcast
22 Dec 2017
Risk & Repeat: Cryptojacking looms amid the bitcoin boom
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rising threat of cryptojacking and how hackers can steal computing power from unsuspecting users.
By Rob Wright, Senior News Director
-
Answer
22 Dec 2017
Brutal Kangaroo: How does it hop to air-gapped computers?
The CIA Vault 7 cache exposed the Brutal Kangaroo USB malware, which can be spread to computers without an internet connection. Learn how this is possible with expert Nick Lewis.
-
Feature
21 Dec 2017
Get the best botnet protection with the right array of tools
Enterprise anti-botnet defenses, to be effective, must be added in multiple layers. No single security product will do the trick, but the right combo of tools can.
By Mike Chapple, University of Notre Dame
-
News
15 Dec 2017
Triton framework used in industrial control attacks
Security researchers discovered new ICS attacks using the Triton framework that may have been nation-state-sponsored and intended to cause real-world damage.
By Michael Heller, TechTarget
-
Answer
13 Dec 2017
How can a local file inclusion attack be stopped?
A botnet-based local file inclusion attack targeted IBM X-Force customers. Expert Judith Myerson explains how these attacks work and how enterprises can defend against them.
-
Answer
11 Dec 2017
How does port swapping work to bypass two-factor authentication?
With a port swapping attack, hackers can bypass two-factor authentication and control a victim's mobile device. Judith Myerson explains how the attacks work and how to stop them.
-
Answer
07 Dec 2017
BlueBorne vulnerabilities: Are your Bluetooth devices safe?
Armis Labs discovered a series of vulnerabilities that enables remote connection to Bluetooth devices. Learn more about the BlueBorne vulnerabilities with expert Matt Pascucci.
-
Answer
04 Dec 2017
PGP keys: Can accidental exposures be mitigated?
The accidental publication of an Adobe private key could have put the company in jeopardy. Matt Pascucci explains how it happened and how to better protect PGP keys.
-
News
01 Dec 2017
Yahoo data breach hacker pleads guilty to cybercrime charges
One of the Yahoo data breach hackers pleaded guilty to his involvement in the attack. Plus, the FBI failed to notify U.S. officials that they were targets of Fancy Bear, and more.
By Madelyn Bacon, TechTarget
-
Guide
01 Dec 2017
Cyberthreats, cyber vulnerabilities, and how to fight back
The key to countering cyberthreats today is to first understand your biggest vulnerabilities and then research the most effective countermeasures available to minimize them.
-
Answer
30 Nov 2017
How can Intel AMT be used to bypass the Windows firewall?
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains how it works.
-
News
28 Nov 2017
Scarab ransomware joins with Necurs botnet for faster spread
The Scarab ransomware received an upgrade, and researchers have seen it being spread via the Necurs botnet, meaning the malware can spread to millions in a handful of hours.
By Michael Heller, TechTarget
-
News
22 Nov 2017
Uber breach affected 57 million users, covered up for a year
A 2016 Uber breach affecting data for 57 million users was covered up by the company, including a $100,000 payment to the attackers to keep the incident quiet.
By Michael Heller, TechTarget
-
Answer
17 Nov 2017
Ransomware recovery methods: What does the NIST suggest?
Knowing what ransomware recovery methods are available is important as the threat continues to grow. Expert Judith Myerson outlines what the NIST recommends for enterprises.
-
News
16 Nov 2017
Kaspersky sheds more light on Equation Group malware detection
A lengthy Kaspersky report offers more insight into how the antivirus company discovered Equation Group malware and came to possess classified U.S. government data.
By Rob Wright, Senior News Director
-
News
14 Nov 2017
AVGater abuses antivirus software for local system takeover
A new proof-of-concept exploit, called AVGater, has found a way to abuse antivirus quarantines to attack systems and gain full control.
By Michael Heller, TechTarget
-
Tip
09 Nov 2017
Email security issues: How to root out and solve them
Effectively tackling email security issues requires infosec pros to address a broad range of areas, including cloud, endpoints, user training and more.
By Kevin Beaver, Principle Logic, LLC
-
Answer
08 Nov 2017
WireX botnet: How did it use infected Android apps?
To avoid a mobile device catastrophe, several large tech organizations came together to stop the WireX botnet. Learn how this Android botnet with 300 infected apps was stopped.
-
Blog Post
31 Oct 2017
The Equation Group malware mystery: Kaspersky offers an explanation
Kaspersky Lab finally explained how it came to possess Equation Group malware, but does the company's latest statement answer enough questions about the ongoing drama?
By Rob Wright, Senior News Director
-
Feature
31 Oct 2017
The Basics of Cyber Safety
In this excerpt from chapter four of The Basics of Cyber Safety, authors John Sammons and Michael Cross discuss basic email security.
By Syngress and SearchSecurity
-
News
30 Oct 2017
Bad Rabbit ransomware data recovery may be possible
Security researchers found a way to recover data locked by the Bad Rabbit ransomware without paying, and others said money might not have been the driver of the attacks.
By Michael Heller, TechTarget
-
News
27 Oct 2017
DUHK attack puts random number generators at risk
News roundup: Researchers find DUHK attacks can get around encrypted communications. Plus, FBI Director Wray criticizes mobile device encryption, and more.
By Madelyn Bacon, TechTarget
-
Answer
27 Oct 2017
EternalRocks malware: What exploits are in it?
When NSA cyberweapons went public, attackers bundled them into the EternalRocks malware. Nick Lewis takes a closer look at this new threat and explains what's lurking inside.
-
News
26 Oct 2017
Bad Rabbit ransomware attacks planned long ago
The new Bad Rabbit ransomware spread through Russia and Ukraine, drawing comparisons to NotPetya, and researchers say the attacks were planned for a long time.
By Michael Heller, TechTarget
-
News
24 Oct 2017
DHS' Dragonfly ICS campaign alert isn't enough, experts say
The Department of Homeland Security released an alert confirming the Dragonfly ICS cyberattack campaign, but experts said more action is needed to protect critical infrastructure.
By Michael Heller, TechTarget
-
Answer
23 Oct 2017
HP keylogger: How did it get there and how can it be removed?
A keylogging flaw found its way into dozens of Hewlett Packard laptops. Nick Lewis explains how the HP keylogger works and what can be done about it.
-
Blog Post
20 Oct 2017
Latest Kaspersky controversy brings new questions, few answers
The Kaspersky controversy continued this week as the antivirus company responded to several explosive news stories about its relationship with the Russian government.
By Rob Wright, Senior News Director
-
Podcast
17 Oct 2017
Risk & Repeat: Kaspersky antivirus scans implicated in NSA breach
In this week's Risk & Repeat podcast, SearchSecurity editors discuss reports implicating Kaspersky antivirus scans in the recently disclosed breach at the National Security Agency.
By Rob Wright, Senior News Director
-
Answer
16 Oct 2017
How does Google Play Protect aim to improve Android security?
Google's new security platform, Google Play Protect, looks to decrease Android app security threats through machine learning. Michael Cobb explains how the new platform works.
-
Answer
10 Oct 2017
How are Windows shortcut files vulnerable to attacks?
A Windows vulnerability targets shortcut files and enables hackers to automatically execute code. Expert Judith Myerson explains the flaw and how to stop it.