The WannaCry ransomware — also known as WCry, Wana Decrypt0r, WannaCrypt, and WanaCrypt0r — infected a honeypot server made to look like a vulnerable Windows computer six times in theRead More →
A new malware family called Jaff has been identified by researchers who say they are currently tracking multiple massive spam campaigns distributing the malware via the Necurs botnet. “It cameRead More →
Decommissioned for years, Windows XP, 8, and Server 2003 get emergency update. A day after a ransomware worm infected 75,000 machines in 100 countries, Microsoft is taking the highly unusualRead More →
Wcry uses weapons-grade exploit published by the NSA-leaking Shadow Brokers. A highly virulent new strain of self-replicating ransomware shut down computers all over the world, in part by appropriating aRead More →
Trend Micro has discovered a new attack on internet-based IP cameras and recorders powered by a new Internet of Things (IOT) bot dubbed PERSIRAI. Trend Micro has discovered a newRead More →
PHPMailer bug leads to remote code execution via HTTP. Updated The popular Vanilla Forums software needs patching against a remote code execution zero-day first reported to the developers in DecemberRead More →
Major news sites in France including Le Monde and Le Figaro went down yesterday in the fallout of a DDoS attack. Many of the biggest French news sites were hitRead More →
A ransomware outbreak is wreaking havoc all over the world, but especially in Spain, where Telefonica — one of the country’s biggest telecommunications companies — has fallen victim, and itsRead More →
In this blog post we present new trivial vulnerabilities found on OnePlus One/X/2/3/3T OxygenOS & HydrogenOS. They affect the latest versions (4.1.3/3.0) and below. The vulnerabilities allow for a Man-in-the-MiddleRead More →
Lately I’ve been spending some time fuzzing network-related Linux kernel interfaces with syzkaller. Besides the recently discovered vulnerability in DCCP sockets, I also found another one, this time in packetRead More →
