vulnerabilities

To ensure that a vulnerability disclosure doesn’t cause more problems than it solves, we recommend a few simple principles.

Microsoft has posted a security advisory about vulnerabilities in Adobe Type Manager Library, which are already being exploited by cybercriminals.

Microsoft has released a patch for newly discovered critical vulnerability CVE-2020-0796 in the network protocol SMB 3.1.1.

On this podcast, Dave and Jeff discuss Windows 7’s end of life, a bug in the Windows CryptoAPI revealed by the NSA, Las Vegas hit with a cyberattack, and more.

Thanks to independent security researchers, we’ve fixed several security issues, protecting customers automatically.

Our ICS CERT experts found 37 vulnerabilities in four VNC implementations. The developers have fixed most, but not all, of them.

Outsiders can penetrate your network through LAN sockets and devices in public areas.

A Chrome vulnerability already exploited by attackers gets patched. We recommend updating your browser right now.

Contrary to common belief, public clouds are not highly secure by design, and so require additional protection.

Six severe vulnerabilities in iMessage that allow remote code execution and data stealing with no user interaction? Sounds like a good reason to update to iOS 12.4 as soon as possible.

Hacking security cameras through a smart light switch — and other interesting features of smart homes.

Office Wi-Fi may be a weak point in your security.

A newly discovered vulnerability allows hackers to eavesdrop on WhatsApp users, read their chats, and install spyware just by calling them. Update the app now!

Our proactive security technologies uncovered an attempt to exploit another zero-day vulnerability in win32k.sys.

The Microsoft Office threat landscape, and the technologies that help us catch related zero-day exploits, were the focus of this talk at the SAS 2019 conference.

Do you use plugins on your website? Make sure they are updated regularly.

A bug in WinRAR allows malefactors to gain full control over your device. All they need you to do is unpack a rigged RAR file.

Attackers display active interest in MSPs, exploiting vulnerabilities to infect their clients with cryptomalware.

Researchers at RSAC 2019 reported on the current vulnerability landscape and built a model that helps with effective patching strategy.

Systems designed to guard against car theft can be used to track, immobilize, and steal vehicles.

Our proactive technologies detected yet another Windows exploit that was used in APT attacks.