The attackers behind the TeslaCrypt ransomware, which is one of the newer entries on the scene, may not be making as much money yet as some of their more experienced competitors, but researchers say that their malware is having a profound effect on victims. Like many other pieces of ransomware, TeslaCrypt often spreads with the […]
A group of Polish researchers is claims there are still several outstanding vulnerabilities in Google App Engines, including three complete Java sandbox escapes.
Dennis Fisher and Mike Mimoso talk about the VENOM vulnerability, the idea of marketing bugs, Microsoft’s new Edge browser security features and the awesome CSI: Cyber finale.
Google is rolling out a new policy that will force all Windows and Mac users to install Chrome extensions only from the Chrome Web store. The company last year began enforcing this policy for Windows users on the main, stable channel for Chrome. Google offers several different channels for Chrome users, depending upon their tolerance […]
Proof of concept code exploiting the VENOM vulnerability has surfaced. Its author says mitigating factors make VENOM difficult to exploit at scale.
The U.S. House voted 388-88 to end the NSA’s bulk collection of phone call metadata business records.
Cisco patched command injection, authentication bypass, and denial of service vulnerabilities in a number of its TelePresence products.
It’s been a couple of months since we left our heroes on CSI: Cyber, and boy, have they been busy.
Dennis Fisher talks with Dan Kaminsky about the VENOM bug, the value of virtual machine escapes, why everyone wants to make every bug the worst one of all time or just a bunch of hype and what the Avengers have to do with vulnerability disclosure.
SAP SE has fixed security vulnerabilities in a pair of compression algorithms used by a number of the company’s popular business management software programs.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
