Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
-
News
04 Feb 2025
WatchTowr warns abandoned S3 buckets pose supply chain risk
WatchTowr researchers found that they could reregister abandoned Amazon S3 buckets and detail alarming ways that threat actors could exploit the attack surface. Continue Reading
-
Podcast
30 Jan 2025
Risk & Repeat: DeepSeek security issues emerge
The introduction of DeepSeek's new generative AI models has been met with fervor, but security issues have created apparent challenges for the Chinese startup. Continue Reading
-
Answer
13 Jul 2018
Drupalgeddon 2.0: Why is this vulnerability highly critical?
A recently discovered Drupal vulnerability in its open source CMS allowed attackers to control websites. Learn how almost one million sites were affected with Michael Cobb. Continue Reading
-
News
11 Jul 2018
GandCrab ransomware adds NSA tools for faster spreading
NSA exploit tools have already been used in high-profile malware. And now, GandCrab ransomware v4 has added the NSA's SMB exploit in order to spread faster. Continue Reading
-
Podcast
11 Jul 2018
Risk & Repeat: New concerns about smartphone spying
In this week's Risk & Repeat podcast, SearchSecurity editors discuss research that shows some Android apps record video of users' screens without permission or notifications. Continue Reading
-
News
10 Jul 2018
Stolen digital certificates used in Plead malware spread
Researchers found the spread of Plead malware was aided by the use of stolen digital certificates, making the software appear legitimate and hiding the true nature of the attacks. Continue Reading
-
News
06 Jul 2018
Researchers discover Android apps spying on users' screens
News roundup: Academic researchers discover Android apps secretly recording and sharing video of users' screens. Plus, an NSO Group employee lands in hot water, and more. Continue Reading
-
News
03 Jul 2018
RAMpage attack unlikely to pose real-world risk, expert says
The RAMpage attack against the Rowhammer vulnerability in Android devices is theoretically possible, but it may be more academic than it is a practical concern, one expert said. Continue Reading
-
Blog Post
29 Jun 2018
Cyber attribution: Why it won't be easy to stop the blame game
Infosec experts have argued that too much focus is put on cyber attribution, but moving away from publicly identifying threat groups and nation-states may be easier said than done. Continue Reading
-
News
29 Jun 2018
McAfee details rise in blockchain threats, cryptocurrency attacks
McAfee's new 'Blockchain Threat Report' charts a dramatic rise in cryptomining malware and details four major attack vectors for cryptocurrency-related threats. Continue Reading
-
News
28 Jun 2018
EFF's STARTTLS Everywhere aims to protect email in transit
The EFF's new STARTTLS Everywhere initiative aims to secure email as it transits the internet between mail servers to prevent mass surveillance, as well as email spoofing. Continue Reading
-
Answer
28 Jun 2018
How can a text editor plug-in enable privilege escalation?
Developers use text editors to enhance efficiency in the workplace even though they require vulnerable third-party plug-ins. Discover these vulnerabilities with Judith Myerson. Continue Reading
-
News
27 Jun 2018
TLBleed attack can extract signing keys, but exploit is difficult
A new side-channel attack on Intel chips, named TLBleed, can extract signing keys. But the researcher who discovered it said users shouldn't worry, because it's not the next Spectre. Continue Reading
-
Tip
26 Jun 2018
How studying the black hat community can help enterprises
White hat hackers often assimilate themselves into the black hat community to track the latest threats. Discover how this behavior actually benefits the enterprise with David Geer. Continue Reading
-
Answer
26 Jun 2018
How can a hardcoded password vulnerability affect Cisco PCP?
Cisco patched a hardcoded password vulnerability found in their PCP software. Learn how the software works and how attackers can exploit this vulnerability with Judith Myerson. Continue Reading
-
News
22 Jun 2018
China-based Thrip hacking group targets U.S. telecoms
News roundup: China-based Thrip hacking group used legitimate tools to attack companies in the U.S. and Southeast Asia. Plus, election officials didn't know about hacks, and more. Continue Reading
-
Tip
19 Jun 2018
How white hat hackers can tell you more than threat intelligence
White hat hackers can play a key role in assessing threats lurking on the dark web. Discover what traditional threat intelligence isn't telling you and how white hats can help. Continue Reading
-
News
18 Jun 2018
PyRoMineIoT cryptojacker uses NSA exploit to spread
The latest malware threat based on the EternalRomance NSA exploit is PyRoMineIoT, a cryptojacker infecting IoT devices. But experts said the NSA shouldn't be held responsible for the damages. Continue Reading
-
News
15 Jun 2018
FBI fights business email compromise with global crackdown
U.S. federal agencies worked with international law enforcement in Operation Wire Wire to find and prosecute alleged cybercriminals conducting business-email-compromise scams. Continue Reading
-
Answer
15 Jun 2018
How does UBoatRAT use Google services and GitHub to spread?
A new remote access Trojan called UBoatRAT was found spreading via Google services and GitHub. Learn how spotting command-and-control systems can protect enterprises with Nick Lewis. Continue Reading
-
News
13 Jun 2018
North Korea hacking threat still looms despite summit
Despite a summit between President Trump and North Korean leader Kim Jong Un, the threat of North Korean hacking and cyberespionage still looms large, according to experts. Continue Reading
-
Answer
13 Jun 2018
Scarab ransomware: How do botnets alter ransomware threats?
The use of botnets to spread Scarab ransomware intensifies the threat for enterprises. Discover the best way to respond to such a threat and protect data with Nick Lewis. Continue Reading
-
Answer
11 Jun 2018
AVGater vulnerability: How are antivirus products impacted?
A security researcher recently discovered a new vulnerability -- the AVGater vulnerability -- that puts antivirus products at risk. Discover how this vulnerability works with Nick Lewis. Continue Reading
-
Answer
06 Jun 2018
How did cryptomining malware exploit a Telegram vulnerability?
Hackers were able to exploit a Telegram vulnerability to launch cryptomining malware. Expert Michael Cobb explains how they were able to do so and how to prevent similar attacks. Continue Reading
-
Answer
04 Jun 2018
How bad is the iBoot source code leak for Apple security?
The iBoot source code on Apple devices was leaked to the public on GitHub. Expert Michael Cobb explains how it happened and what the implications are for iOS security. Continue Reading
-
Feature
01 Jun 2018
Business email compromise moves closer to advanced threats
The sophisticated techniques used in BEC scams differ from other email fraud in the steps taken to construct the criminal campaign. Here's how to stop these APT-style attacks. Continue Reading
-
Opinion
01 Jun 2018
Cybercrime study: Growing economic ecosystem spells trouble
New research shows that cybercriminals are gaining momentum with connected infrastructure and collectively earning billions annually from a cybercrime economy. Now what? Continue Reading
-
Podcast
31 May 2018
Risk & Repeat: Are ICS threats being overblown or ignored?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss dangers to critical infrastructure in the wake of a new report on the threat actors behind the Trisis malware. Continue Reading
-
News
31 May 2018
Yahoo hacker sentenced to five years in prison for massive breach
One of four Yahoo hackers was sentenced to five years in prison for his role in the massive 2014 breach, which included accessing millions of sensitive email accounts. Continue Reading
-
News
31 May 2018
Dragos' Robert Lee discusses latest ICS threats, hacking back
In part two of this interview from RSA Conference 2018, Dragos CEO Robert Lee discusses the latest threats to industrial control systems and how those threats can be exaggerated. Continue Reading
-
News
30 May 2018
Feds issue new alert on North Korean hacking campaigns
The U.S. government claims two notable malware campaigns are the work of North Korean nation-state hacking group Hidden Cobra, also known as the Lazarus Group. Continue Reading
- 29 May 2018
- 29 May 2018
-
News
25 May 2018
Creators of Trisis malware have expanded their ICS attacks
News roundup: Dragos researchers say the group behind the Trisis malware has expanded its ICS attacks. Plus, Roaming Mantis malware now targets iOS devices, and more. Continue Reading
-
News
25 May 2018
Dragos' Robert Lee explains why ICS security isn't all doom and gloom
Dragos' Robert Lee talks with SearchSecurity at RSA Conference 2018 about why there are reasons to be optimistic about the state of ICS security, despite growing threats. Continue Reading
-
Podcast
24 May 2018
Risk & Repeat: Breaking down the Efail flaws
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Efail vulnerabilities in PGP and S/Mime protocols, as well as the rocky disclosure process for the flaws. Continue Reading
-
Tip
24 May 2018
How the Meltdown and Spectre vulnerabilities impact security
The Meltdown and Spectre vulnerabilities impact the physical and hardware security of systems, making them extremely difficult to detect. Learn how to prevent these attacks with Nick Lewis. Continue Reading
-
News
23 May 2018
Wicked botnet: Another Mirai variant targets connected devices
Fortinet researchers uncovered a new variant of the Mirai malware, known as the Wicked botnet, which targets vulnerable IoT devices and uses multiple existing exploits. Continue Reading
-
News
22 May 2018
Newly disclosed Spectre variant 4 brings more side channel concerns
A new Spectre vulnerability was disclosed this week, adding to concerns about side channel attacks exploiting speculative execution in modern processors. Continue Reading
-
News
22 May 2018
Recorded Future sheds light on Iranian hacking operations
Recorded Future's Levi Gundert discusses how the Iranian government uses proxies and contractors to launch cyberattacks, and how its strategy presents challenges for the country. Continue Reading
-
News
22 May 2018
North Korean hackers linked to Google Play spyware
The 'Sun Team' group of North Korean hackers placed malicious apps in the Google Play store to target defectors and steal personal data such as photos, contacts and SMS messages. Continue Reading
-
News
21 May 2018
Recorded Future: Iranian cyberattacks poised to resume
Recorded Future's Levi Gundert explains why major cyberattacks against Western enterprises are expected to resume following the United States' withdrawal from the Iran nuclear deal. Continue Reading
-
News
18 May 2018
Telegrab malware threatens Telegram desktop users
News roundup: Telegrab malware enables hackers to grab encryption keys and browser credentials from Telegram sessions. Plus, DHS released its new cybersecurity strategy, and more. Continue Reading
-
Answer
18 May 2018
How does the Terror exploit kit spread through malicious ads
Zscaler recently discovered a malvertising campaign that spreads the Terror exploit kit through malicious ads. Discover more about the threat with expert Nick Lewis. Continue Reading
-
Podcast
17 May 2018
Risk & Repeat: Business email compromise on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise in business email compromise activity based on new data from the FBI's 2017 Internet Crime Report. Continue Reading
-
Tip
17 May 2018
Are Meltdown and Spectre real vulnerabilities or mere flaws?
There's been some debate over whether Meltdown and Spectre are true vulnerabilities. Expert Michael Cobb discusses what qualifies as a vulnerability and if these two make the cut. Continue Reading
-
Feature
16 May 2018
Illumio: Subtle data manipulation attacks pose serious threats
Illumio CTO P.J. Kirner discusses the threat of data manipulation and explains why subtle, hard to detect attacks could have devastating effects on enterprises. Continue Reading
-
Answer
16 May 2018
How does a DDE attack exploit Microsoft Word functionality?
The SANS Internet Storm Center discovered a DDE attack spreading Locky ransomware through Microsoft Word. Learn what a DDE attack is and how to mitigate it with expert Nick Lewis. Continue Reading
-
News
16 May 2018
Efail disclosure troubles highlight branded vulnerability issues
The Efail disclosure process was one day away from completion, but attempts to generate hype for the vulnerabilities led to details leaking earlier than researchers intended. Continue Reading
-
News
14 May 2018
Efail flaws highlight risky implementations of PGP and S/MIME
The messy disclosure of the Efail flaws raised questions about the security of email encryption, while experts said S/MIME may be more at risk than some PGP implementations. Continue Reading
-
News
14 May 2018
FBI: Business email compromise tops $676 million in losses
Verizon's Data Breach Investigations Report indicates an increase in ransomware while the FBI's Internet Crime Report shows a downward trend, with business email compromise on the rise. Continue Reading
-
Answer
14 May 2018
Bad Rabbit ransomware: How does it compare to other variants?
Bad Rabbit ransomware mimics other recent ransomware variants, such as NotPetya. Discover the similarities and differences between the two with expert Nick Lewis. Continue Reading
-
News
11 May 2018
Hardware debug documentation leads to widespread vulnerability
A hardware debug bug, apparently caused by unclear Intel hardware architecture documentation, infested almost all major OSes, as well as leading virtualization software. Continue Reading
-
Tip
10 May 2018
Three IoT encryption alternatives for enterprises to consider
The use of cryptography alternatives for IoT devices grants users certain benefits and potential security challenges. Learn more about each alternative with expert Judith Myerson. Continue Reading
-
News
09 May 2018
Microsoft patches Internet Explorer zero-day 'Double Kill'
Microsoft's Patch Tuesday for May includes fixes for two zero-day vulnerabilities under attack, including an Internet Explorer exploit known as Double Kill. Continue Reading
-
Blog Post
03 May 2018
Cybersecurity pervasiveness subsumes all security concerns
Given the increased digitization of society and explosion of devices generating data (including retail, social media, search, mobile, and the internet of things), it seems like it might have been ... Continue Reading
-
Answer
03 May 2018
IoT botnets: How are new Mirai variants impacting systems?
An increase of IoT botnets has been seen since the Mirai malware source code was leaked. Learn how the new variants pose to be a serious threat to IoT devices with Michael Cobb. Continue Reading
-
Answer
02 May 2018
How were Android Pixel vulnerabilities exploited?
Android Pixel vulnerabilities could open the smartphone up to attack. Expert Michael Cobb explains the vulnerabilities and how to defend against them. Continue Reading
-
News
30 Apr 2018
Windows NTFS flaw posted after disclosure gets nowhere
Proof-of-concept code showing how an NTFS flaw can shut down Windows systems was published by a security researcher nine months after he disclosed it to Microsoft. Continue Reading
-
News
30 Apr 2018
Phishing threats still dwarf vulnerabilities, zero-days
Proofpoint research shows that while phishing attacks now require victims to take more steps, the success rate for such attacks hasn't declined and enterprises are still on the defensive. Continue Reading
-
News
27 Apr 2018
DDoS-for-hire website taken down by law enforcement
Webstresser.org, a popular DDoS-for-hire website, was taken down by several law enforcement agencies across the globe. Details are sparse, but arrests have reportedly been made. Continue Reading
-
News
27 Apr 2018
Microsoft releases Spectre variant 2 microcode patches
Microsoft released new fixes that include the Intel microcode patches for Spectre variant 2 to help protect users on Windows 10 and Windows Server 2016. Continue Reading
-
Guide
27 Apr 2018
How air gap attacks challenge the notion of secure networks
Today's cyberattacks are taking new shapes and sizes in the ever-changing tech environment. This guide explores air gap attacks, the history behind them and the latest threats facing air-gapped networks. Continue Reading
-
News
26 Apr 2018
SecureWorks warns of business email compromise campaign
SecureWorks researchers uncovered an extensive business email compromise campaign targeting the maritime shipping industry, which may have cost organizations millions of dollars. Continue Reading
-
News
25 Apr 2018
BGP routing security flaw caused Amazon Route 53 incident
A BGP routing security flaw enabled unknown threat actors to steal cryptocurrency by hijacking internet routing and rerouting traffic to a phishing site in Russia. Continue Reading
-
Blog Post
19 Apr 2018
CrowdStrike unveils Meltdown exploit in unusual fashion
At RSA Conference 2018, CrowdStrike demonstrated a new Meltdown exploit that can harvest sensitive data such as passwords even on systems that are patched. Continue Reading
-
News
19 Apr 2018
Passive DNS techniques can reduce DNS abuse
Presenting at RSAC 2018, Farsight Security's Merike Kaeo explains how defenders can adopt passive techniques to reduce DNS abuse and stop attacks before they happen. Continue Reading
-
News
18 Apr 2018
Paul Kocher weighs in on Spectre flaws, vulnerability disclosure
At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled. Continue Reading
-
News
17 Apr 2018
RSAC keynote speakers push teamwork, incremental improvements
The RSAC keynote speakers pushed a unified idea of collaboration across public and private sectors, improved teamwork and the value of incremental improvements in cybersecurity. Continue Reading
-
News
17 Apr 2018
Microsoft's Brad Smith urges action on nation-state cyberthreats
At RSA Conference 2018, Microsoft President Brad Smith warned of nation-state cyberattacks and called on governments and the private sector to do more to address them. Continue Reading
-
News
16 Apr 2018
Nuix hacker survey shows how easy it is to breach perimeters
The second annual Black Report -- a hacker survey aimed at getting a different perspective on cybersecurity -- detailed how long it takes to breach a perimeter and what attacks are easiest. Continue Reading
-
News
12 Apr 2018
Cryptojacking attacks may not challenge ransomware dominance
Cryptojacking attacks are on the rise, but experts are unsure if the threat can overtake the malware dominance of ransomware due to regulatory and profit questions. Continue Reading
-
News
06 Apr 2018
Pipeline cyberattack shuts down natural gas company communications
News roundup: A pipeline cyberattack shut down communications for several U.S. natural gas providers. Plus, Facebook removed accounts and pages run by the Russian IRA, and more. Continue Reading
-
E-Zine
03 Apr 2018
Cloud security threats in 2018: Get ahead of the storm
Consistent security for all data from cloud providers and third-party partners is what many consider the next evolution of cloud. The biggest cloud security threats for most companies, however, result from in-house staff mistakes, lack of patching and misconfiguration.
Even when the risks associated with cloud security threats are high, the cost benefits to organizations outweigh the risks. Enterprise spending for public cloud services worldwide is expected to reach $160 billion in 2018, according to the International Data Corporation. Software as a service still has the highest growth, followed by infrastructure as a service and platform as a service. Many technology platforms take advantage of public cloud security features, but large-scale clouds don't always mean large-scale threat protection. What cloud security threats should you watch out for in 2018?
"It seems like there's a lot of money to be made in cryptocurrency, and it is so much easier to attack [the internet of things] with Linux malware," said Mounir Hahad, head of threat research at Juniper Networks.
Botnets increasingly pose cloud security threats, powering distributed denial of service, ransomware and other crippling attacks. Ransomware remains one of the most lucrative for cybercriminals, who can easily find ransomware kits online. In this issue of Information Security magazine, we look at cloud security in 2018 and strategies to protect sensitive data from internal and external threats.
Continue Reading -
Opinion
03 Apr 2018
Marcus Ranum decodes hardware vulnerabilities with Joe Grand
Computer hardware designs with dangerous security flaws? That's no surprise to renowned hardware hacker Grand. Continue Reading
- 30 Mar 2018
-
Tip
27 Mar 2018
Emotet Trojan: How to defend against fileless attacks
An increase in fileless malware, including PowerShell malware, was reported in McAfee Labs' December 2017 Threat Report. Discover how enterprises can defend again fileless attacks. Continue Reading
-
Answer
27 Mar 2018
How can a Moxa MXview vulnerability be exploited by hackers?
A vulnerability was found in Moxa MXview -- a software used to visualize network devices and physical connections. Learn how this vulnerability can enable privilege escalation. Continue Reading
-
News
16 Mar 2018
Russian government hacking earns U.S. sanctions, warnings
The U.S. Treasury Department levied sanctions for Russian government hacking, as a joint alert from the FBI and DHS confirms election meddling and critical infrastructure attacks. Continue Reading
-
News
16 Mar 2018
Leaked report on AMD chip flaws raises ethical disclosure questions
Researchers announced AMD chip flaws without the coordinated disclosure procedure, and a leak of the research to a short seller has raised further suspicions about the process. Continue Reading
-
Answer
16 Mar 2018
AIR-Jumper: How can security camera lights transmit data?
Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to prevent it with expert Nick Lewis. Continue Reading
-
Answer
15 Mar 2018
Com.google.provision virus: How does it attack Android devices?
The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common Malware Enumeration may help. Continue Reading
-
News
13 Mar 2018
Researchers claim AMD flaws threaten Ryzen, EPYC chips
Ryzen and EPYC AMD flaws were partially detailed with just 24 hours' disclosure notice, despite potentially significant exploits, including secure processor takeover or security bypass. Continue Reading
-
Answer
13 Mar 2018
CCleaner malware: How dangerous is it to enterprises?
A watering hole attack led to CCleaner malware being installed on millions of systems. Nick Lewis explains how the attack worked and why it should concern enterprises. Continue Reading
-
News
12 Mar 2018
Olympic Destroyer was a false flag cyberattack, research claims
New research claims Olympic Destroyer was not the work of the North Korea-backed Lazarus Group; rather, it was a false flag cyberattack designed to mislead attribution efforts. Continue Reading
-
Answer
12 Mar 2018
ExpensiveWall malware: How does this SMS attack function?
A new SMS malware known as ExpensiveWall was recently discovered by Check Point. Learn how it infects devices and puts Android device users at risk with expert Nick Lewis. Continue Reading
-
News
08 Mar 2018
NSA tracking program watched foreign hackers in action
Researchers discovered evidence of an NSA tracking program designed to watch nation-state hackers and gather information as attacks were in progress. Continue Reading
-
Answer
07 Mar 2018
How can users deal with app trackers that collect customer data?
App trackers were found in hundreds of Google Play apps. Expert Michael Cobb explains the threat they pose and how GDPR has the potential to reduce the risk. Continue Reading
-
News
06 Mar 2018
Terabit DDoS attack hits 1.7Tbps and experts expect higher
Five days after a record breaking terabit DDoS attack, a new 1.7Tbps DDoS attack was detected taking advantage of improperly secured memcached servers to launch a reflection attack. Continue Reading
-
Answer
01 Mar 2018
Search engine poisoning: How are poisoned results detected?
Poisoned search results have spread the Zeus Panda banking Trojan throughout Google. Learn what this means, how search engine poisoning works and what can be done to stop it. Continue Reading
-
Answer
28 Feb 2018
Fileless malware: What tools can jeopardize your system?
A report from CrowdStrike highlights the growth of malware-less attacks using certain command-line tools. Learn how to handle these growing attacks with Matt Pascucci. Continue Reading
-
News
27 Feb 2018
Ad network cryptojacking attack bypasses ad blockers
Qihoo 360's Netlab team discovered an online ad network has been bypassing ad blockers and running cryptomining software in the browsers of unsuspecting visitors. Continue Reading
-
News
23 Feb 2018
Hackers used SWIFT-based attacks to steal millions from banks
News roundup: Hackers once again used SWIFT-based attacks to steal millions from Russian and Indian banks. Plus, hackers used an L.A. Times website for cryptojacking, and more. Continue Reading
-
Answer
22 Feb 2018
Typosquatting: How did threat actors access NPM libraries?
Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it means for users. Continue Reading
-
News
21 Feb 2018
Cryptojacking attacks hit enterprises' cloud servers
Cloud security vendor RedLock discovered threat actors had gained access to several enterprise cloud environments, including Tesla's, and used them for cryptojacking schemes. Continue Reading
-
Podcast
21 Feb 2018
Risk & Repeat: Intel bug bounty tackles side channel attacks
In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre. Continue Reading
-
Answer
21 Feb 2018
How are tech support scams using phishing emails?
Threat actors are using phishing email campaigns to fool users with tech support scams and fake Blue Screens of Death. Learn how these campaigns work with expert Nick Lewis. Continue Reading
-
Tip
20 Feb 2018
Protecting safety instrumented systems from malware attacks
Trisis malware targets safety instrumented systems and puts industrial control systems at risk. Expert Ernie Hayden reviews what to know about SIS and its security measures. Continue Reading
-
News
16 Feb 2018
Olympic Destroyer malware more complex than first thought
News roundup: The Olympic Destroyer malware is more sophisticated than researchers first thought. Plus, Microsoft looks to change identity management with blockchain, and more. Continue Reading
-
Answer
16 Feb 2018
What can be done to prevent a swatting attack?
A swatting attack resulted in the death of a Kansas man. Expert Judith Myerson looks at the technology these attacks use and what can be done to make sure they don't happen again. Continue Reading
-
News
14 Feb 2018
Zero-day Telegram vulnerability exploited for cryptomining
Kaspersky Lab disclosed a zero-day vulnerability in Telegram that the security vendor says was abused by Russian cybercriminals in a cryptomining malware campaign. Continue Reading
-
Answer
14 Feb 2018
What can enterprises do to prevent an IoT botnet attack?
An IoT botnet attack on Huawei home routers showed similarities to the Mirai malware. Expert Judith Myerson explains the threat and how enterprises can protect themselves. Continue Reading
