First off, this is dead simple and shouldn’t work, but it does. Also, there is no possible way that I’m the first one that has identified this, but here itRead More →
Two security experts from the Rapid 7 firm revealed that tens of thousands of CISCO ASA boxes are still vulnerable to the NSA EXTRABACON exploit. A few weeks ago theRead More →
A new ransomware that pretends to be from a fake organization called the Central Security Treatment Organization has been discovered by security researcher MalwareHunterTeam. When the Central Security Treatment Organization, or Cry,Read More →
Just recently I stumbled upon an Android app that lets you receive free products in various pubs, restaurants or cafes in exchange for points accumulated with previous purchases. When theRead More →
Sundown EK fails to improve market share among fellow EKs. The Sundown exploit kit (EK), which has been trying to fill the void left by the death of the Angler andRead More →
Google’s Android security team has patched a vulnerability that left Nexus 5X devices open to attack even if the phone’s screen was locked. The vulnerability in Google’s line of phonesRead More →
Exploit kits are a class of threat that indiscriminately aims to compromise all users. Talos has continued to monitor this threat over time resulting in large scale research and evenRead More →
Apple patches two new zero-days in OS X and Safari.Apple released today two security bulletins for OS X and Safari aimed to fix three vulnerabilities related to the now infamousRead More →
Attackers have been using social engineering to avoid the increasing costs of exploitation due to the significant hardening and exploit mitigations investments in Windows. Tricking a user into running aRead More →
Vulnerability is easy to exploit, hard to spot. A CSRF vulnerability existed in the core of the Yandex Browser that allowed attackers to trick the browser’s synchronization feature into sending theRead More →
