vulnerabilitiesCVE-2023-28252 zero-day vulnerability in CLFS
Kaspersky experts discover a CLFS vulnerability being exploited by cybercriminals.
vulnerabilities
194 articles
Remote hacking of Samsung, Google and Vivo smartphones: the problem and the solution
Vulnerabilities found in the Exynos chipset allow Samsung, Vivo and Google smartphones to be remotely hacked if the owner’s phone number is known. How is this possible, and how to protect yourself?
iOSWhy you need to update iOS and macOS ASAP
You shouldn’t put off updating to iOS 16.3 and macOS Ventura 13.2 and future updates, and here’s why.
Major Android vulnerability goes unclosed for… almost six months!
One of the most curious and menacing bugs in Android smartphones, and the problems they had closing it.
Newly-discovered Signal vulnerabilities — how dangerous are they?
Researchers have found vulnerabilities in the desktop client of the Signal messenger. Let’s see how dangerous they really are.
tipsCybersecure Christmas
Many hacks have started during Christmas holidays. A few simple tips will reduce the chances of your company becoming the next victim.
Log4Shell a year on
A year after discovery, the Log4Shell vulnerability is still making itself felt.
The Long Road to Safe RAM Handling
We investigate the connection between software security and leaks when handling RAM.
minersPrices down, miners up
In 2022, cryptocurrency prices fell sharply, but malicious miners are more active than ever.
The consequences of a years-old SQLite vulnerability
An interesting bug in one of the most popular embedded DBMS.
ChronicleThe life and death of Adobe Flash
How a vector graphics editor helped create one of the internet’s most important technologies, and why it led to huge security risks.
Vulnerability in Zimbra exploiting ITW
Servers with the Zimbra Collaboration suit installed are being attacked via an archive unpacking tool.
Vulnerable updates in Cisco enterprise software
How even high-end solutions for business can have “childish” bugs in their update delivery systems.
The dangers of 15-year-old vulnerabilities
The developers of a run-of-the-mill Python module recently found out why old unpatched vulnerabilities can be dangerous.
Patches for 64 vulnerabilities in Microsoft products released
It’s time to update! Microsoft patches 64 vulnerabilities in a variety of products and components — from Windows and Office to Defender and Azure.
Weaponizing game code to attack a company
An unusual case of an attack executed by weaponizing legit video game code.
A Zoom vulnerability, and the war between the hackers and the developers
Takeaway from DEF CON 30: vulnerability in Zoom for macOS.
Retbleed attack, or Spectre strikes back
Using a recent study on hardware vulnerabilities in processors as an example, we contemplate the cost of security.
DogWalk and other vulnerabilities
Microsoft has released patches for more than 140 vulnerabilities, some of which need to be closed as soon as possible.
ILOVEYOU: the virus that loved everyone
We recall the story of the ILOVEYOU worm — one of the most infamous viruses from 22 years ago.
What’s Hertzbleed, and what’s so unique about it?
One of the most complex, yet easy to understand, infosec studies of recent times.