A couple of weeks ago, the world woke up to the news of the first BlueKeep exploit. This exploit has been expected since May, when Microsoft took the unusual step of releasing patches for out-of-support product versions alongside a warning that, “it is possible that we won’t see this vulnerability incorporated into malware. But that’s not [...]
There’s a storm brewing for embedded Internet of Things (IoT) and network-attached storage (NAS) devices after the recent discovery of 125 IoT and NAS device vulnerabilities.
Apple failed to patch macOS zero-day vulnerability BuggyCow, forcing Google to share news of the flaw
A Microsoft Office vulnerability first discovered in July 2017 has been exploited by Formbook malware
The FaceTime Bug allowing unauthorized microphone and camera access is the latest chapter in Apple’s information disclosure story
Cryptominers have become their own class of malware, growing in popularity as a low-risk, high-reward way for cybercriminals to make an easy crypto-buck. In this post, we’ll look at the members of the cryptomining malware family and their techniques. Browser-Based Cryptomining Software CoinHive, Crypto-Loot and JSEcoin allow website owners to legitimately monetize website traffic. Favoring [...]
If 2017 was the year of high-profile data breaches and ransomware attacks, 2018 seems to be the year of cryptocurrency-related malware. Cryptominers managed to impact 23 percent of organizations globally. Cryptomining is relatively new, and not all of it is purely malicious. Some cryptominers are considered to be legitimate techniques to gain cryptocurrency, akin to [...]