Vulnerabilities & Exploits

Is it better to focus on defending against attacks that exploit old or new vulnerabilities? It doesn't matter. You can cover both with an IT staff that's both agile and proactive.

A new vulnerability was recently found in Samba, the Windows interoperability suite of programs for Linux and Unix. The vulnerability, once successfully exploited, could result in remote code execution, which may possibly compromise a server’s security.

Microsoft has enabled a new exploit mitigation mechanism in Windows 10 and 8.1 called Control Flow Guard that makes vulnerabilities more difficult to exploit. This paper takes an in-depth look at its implementation and weaknesses.

In a thorough investigation of gas pumps that use the Guardian aboveground storage tanks (AST) monitoring system in the United States, threat researchers Kyle Wilhoit and Stephen Hilt found one particular unit that has been tampered with.

2014 Annual Security Roundup: 2014 was the year of mega breaches, hard-to-patch vulnerabilities, and thriving cybercriminal underground economies.

Software vulnerabilities are a fact of life, and developers and users need to be more proactive when dealing with them, rather than simply being reactive. This video talks about vulnerabilities, their effects, and what can be done about them.

A new Cross-site Scripting vulnerability has recently come to light, allowing cybercriminals to hijack sessions, steal authentication cookies, and launch phishing attacks. Learn about XSS and find out what you can do to prevent this type of threat.

Trend Micro researchers found that the recently discovered Adobe Flash player zero-day vulnerability is being abused by malware advertisements used by a top video-sharing site, among other sites. Update: Adobe has released an update that addresses this vulnera

A new zero-day vulnerability has been discovered that affects the most current version of Adobe Flash.