Endpoints are still encountering exploits for the LNK vulnerability, one of the principal infection mechanisms used by the Stuxnet worm.
Browsing Category: Vulnerabilities
Drupal released a point update for its core engine to patch a critical access bypass vulnerability.
Two vulnerabilities were identified in Bosch’s Drivelog Connect OBD-II dongle and smartphone app that allowed researchers to shut off the engine of a vehicle.
Oracle released a record 299 patches, including a fix for a Solaris vulnerability disclosed by the ShadowBrokers, and another for the recently disclosed Apache Struts 2 flaw.
Microsoft eased some anxiety over the latest ShadowBrokers dump of Windows zero days with news most of the vulnerabilities had already been patched.
VMware patched a critical vulnerability in its vCenter Server platform late last week that could have let an attacker execute arbitrary code in some scenarios.
The latest ShadowBrokers dump includes exploits that allowed the NSA to target SWIFT data managed by outsourced service bureaus in the Middle East.
Mike Mimoso, Tom Spring, and Chris Brook recap Infiltrate Con in Miami last week, and Kaspersky Lab’s Security Analyst Summit in St. Maarten
A researcher at this year’s Security Analyst Summit staged a series of honeypots at his friends’ houses to record IoT traffic, exploit attempts and other statistics.
Here are the exploit kits to watch for over the next three to six months.