Exploit

Researcher hacks city's WiFi service using buffer-overflow exploit

By

As a growing number of cities provide free WiFi networks become, a security researcher demonstrated his successful hack of his city's WiFi network.

Linux-run IoT devices under attack by NyaDrop

By

Internet of Things (IoT) devices running on the open-source Linux OS are under attack from NyaDrop.

Brazil hotbed of financial fraud, report

By

Brazil has emerged as a primary centre of financially motivated e-crime threat activity.

1.5 billion Windows computers potentially affected by unpatched 0-day exploit

1.5 billion Windows computers potentially affected by unpatched 0-day exploit

By

Trustwave has found a zero-day exploit which it said affects all versions of Microsoft's OS Windows, all the way from Windows 2000 up to a fully patched version of Windows 10.

ICYMI:; Backdoor concerns; TalkTalk losses; EBay exploit; Safe-Harbour 2; Malwarebytes flaw

ICYMI:; Backdoor concerns; TalkTalk losses; EBay exploit; Safe-Harbour 2; Malwarebytes flaw

The latest In Case You Missed It (ICYMI) looks at; Investigatory Powers Bill; TalkTalk woes continue; EBay exploit unfixed; EU-US Privacy Shield agreed; Malwarebytes apologises for flaw.

Trend Micro patched flaws would let hackers execute malicious code

By

Trend Micro patched several critical flaws in Password Manager found by a Google Project Zero research that allowed hackers to execute malicious code.

Revamped RIG exploit kit infects one million PCs

Revamped RIG exploit kit infects one million PCs

By

A new version of the widely-distributed RIG exploit kit has emerged and is infecting around 27,000 PCs each day, according to researchers at Trustwave Spiderlabs.

TeslaCrypt ransomware hackers caught using Angler EK and Tor

TeslaCrypt ransomware hackers caught using Angler EK and Tor

By

Angler exploit kit use in TeslaCrypt ransomware signals new trend in blackmailing malware

Realtek SDK security flaw found in SOHO routers

Realtek SDK security flaw found in SOHO routers

By

Several models of home and small office routers, which use an SDK from Realtek, are vulnerable to an exploit which would allow attackers to run arbitrary code without authentication.

Researcher discovers 'critical' new Adobe Flash zero-day

Researcher discovers 'critical' new Adobe Flash zero-day

By

A widely-used exploit kit called 'Angler' has apparently been used to target a new zero-day affecting the latest versions of Adobe's Flash Player.

2 million cars vulnerable to USB dongle attack

2 million cars vulnerable to USB dongle attack

By

A security researcher has discovered over two million US-made cars could be attacked via insecure USB dongles.

iCloud hole closed following brute force attack

iCloud hole closed following brute force attack

By

A hole in iCloud's security allowed attackers to access any iCloud account via a brute force attack that side-stepped blocks - but it is now reported to have been patched.

Defending against APTs: 'We are behind the curve'

Defending against APTs: 'We are behind the curve'

By

High-profile CISOs and senior IT security managers talked advanced persistent threats (APTs) and how they can be countered at SC Magazine's latest roundtable in central London.

Shellshock vulnerabilities exploited in the wild

Shellshock vulnerabilities exploited in the wild

By

Linux: open source software is highly pervasive making the Shellshock vulnerability potentially more serious than Heartbleed.

All your vulnerabilities belong to us: The rise of the exploit

All your vulnerabilities belong to us: The rise of the exploit

The growing impact of web exploits isn't just limited to the enterprise market and must be countered on an industry-scale, says Pedro Bustamante.

Malwarebytes raises more than £17 million in VC funding

By

San Francisco-based endpoint security company Malwarebytes announced today that it has received $30 million (approximately £17.53 million) in Series A funding from Highland Capital Partners.

pFragments Microsoft Office exploit resurfaces again

pFragments Microsoft Office exploit resurfaces again

By

A Microsoft Office exploit - CVE-2010-3333, which was first discovered around 18 months ago - is reportedly now being used once again to attack business users of the popular application suite.

Research firm says satcom terminals wide open to exploits

Research firm says satcom terminals wide open to exploits

By

Report calls on vendors to provide official workarounds

Microsoft rushes out fix for zero-day Word flaw

Microsoft rushes out fix for zero-day Word flaw

By

Microsoft has rushed out a quick fix for a Microsoft Word zero-day flaw that is now being used in cyber-crime attacks.

The final countdown for Windows XP

The final countdown for Windows XP

By

Microsoft develops migration utility to smooth upgrades; warning pop-ups to appear from this week; University of Illinois to block XP-driven PCs

'Chinese spies' launch new Adobe zero-day attack

'Chinese spies' launch new Adobe zero-day attack

By

A group of Chinese spies are believed to have resurfaced to attack vulnerable political and non-profit groups, after FireEye discovered them using a new zero-day Adobe exploit.

Criminals use new zero-day bug to 'target military and defence'

Criminals use new zero-day bug to 'target military and defence'

By

Security researchers have uncovered a new Internet Explorer zero-day bug that they believe has been used to target the US military and French arms suppliers in what's feared to be the start of a cyber espionage campaign.

Pass the hash - again

Pass the hash - again

2014 could be set to become the year of PTH suggests Calum MacLeod, VP of EMEA at Lieberman Software Corporation

Concerns rise on new DDoS bot 'Trojan Ferret'

Concerns rise on new DDoS bot 'Trojan Ferret'

By

A new distributed-denial-of-service (DDoS) bot called 'Trojan Ferret' has been discovered.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US