Vulnerabilities & Exploits

Microsoft will be putting the 20 year-old Internet Explorer to rest. With so many Web apps that still reply on older versions of IE, should admins be concerned?

In this video, Trend Micro CTO Raimund Genes discusses how security researchers and software vendors should work together and to stop fueling the industry that buys and sells vulnerability information.

Exploit kits have been around since 2006, and have been continuously evolving to take advantage of vulnerabilities found on popular software. This research paper discusses what exploit kits are, how they work, and how they evolved over time.

We noticed a problematic pattern developing: the increasing use of exploit kits in malvertising. Zero-day exploits are now deployed in malicious ads, instead of first being used in targeted attacks against enterprises and other organizations.

An old flaw that affects TLS/SSL, an authentication protocol used by countless websites and browsers has been discovered that allows cybercriminals to decrypt sensitive information from secure sites.

Recently, a security researcher disclosed that Seagate’s Network Attached Storage (NAS) unpatched vulnerabilities leaves thousands at risk. Find out what you can do to secure your NAS devices in order to avoid likely attacks.

Is it better to focus on defending against attacks that exploit old or new vulnerabilities? It doesn't matter. You can cover both with an IT staff that's both agile and proactive.

A new vulnerability was recently found in Samba, the Windows interoperability suite of programs for Linux and Unix. The vulnerability, once successfully exploited, could result in remote code execution, which may possibly compromise a server’s security.

Microsoft has enabled a new exploit mitigation mechanism in Windows 10 and 8.1 called Control Flow Guard that makes vulnerabilities more difficult to exploit. This paper takes an in-depth look at its implementation and weaknesses.