• Meltdown/Spectre


    Overview Vulnerabilities in speculative execution, branch prediction, and application isolation that lead to sensitive information disclosure and affect almost all modern processors have recently been disclosed. Speculative execution and branch prediction are processes designed to increase the performance of processors by performing anticipatory calculations that may not be needed to complete a process. Application isolation […]

    View Details
  • ROBOT Attack


    OVERVIEW A vulnerability in the RSA cryptography used by TLS implementations has recently been disclosed. Transport Layer Security (TLS) is a mechanism for a security transport over network connections. The ROBOT Attack is based on a 19-year-old vulnerability discovered by Daniel Bleichenbacher that allows an attacker to decrypt arbitrary ciphertext without access to the RSA […]

    View Details
  • KRACK – Key Reinstallation Attacks – WPA2 Vulnerabilities


    A weakness affecting almost all implementations of the Wi-Fi Protected Access 2 (WPA2) protocol, Wi-Fi Protected Access 2, has recently been disclosed. An attacker within range of an access point or client may be able to use KRACK (Key Reinstallation Attack) to decrypt packets, inject HTTP content, hijack TCP connections, and perform out of sequence reception and retransmission once a Man-in-the-Middle session is established.

    View Details
  • Blueborne Security Bulletin


    Armis Labs has disclosed a vulnerability that affects nearly all systems using Bluetooth. "BlueBorne" does not require a system to be connected to a network, nor requires any action by an end user, and can spread to devices with Bluetooth enabled. This allows an attacker to connect to a Bluetooth enabled device without actively pairing and upload malware or establish a man-in-the-middle connection without the user's knowledge.

    View Details
  • SMBLoris Exploit


    A flaw in the way SMB handles memory allocation, which can be exploited with an attack coined SMBLoris, was disclosed at DefCon this past weekend. SMBLoris is exploitable through the use of a single, low bandwidth machine opening several low cost SMB connections to a server that does not limit the number of connections from […]

    View Details
  • Petya Ransomware


    A new version of the ransomware, Petya, has spread rapidly to many countries (including UK, Spain, Russia, Vietnam and Germany), with particular impact in Ukraine, in a matter of hours today. Petya is utilizing MS17-010, or ETERNALBLUE, a vulnerability disclosed by the Shadow Brokers to distribute this strain of ransomware. ETERNALBLUE uses Windows SMB remote […]

    View Details
  • WannaCryptor 2.0 Ransomware


    A new ransomware variant, WannaCryptor 2.0, has spread rapidly to many countries (including UK, Spain, Russia, Vietnam¬†and Germany) in the course of hours today. WannaCryptor 2.0 is utilizing MS17-010, or ETERNALBLUE, a vulnerability disclosed by the Shadow Brokers to distribute this strain of ransomware. ETERNALBLUE uses Windows SMB remote code execution (CVE-2017-0143 through CVE-2017-0148). Additional […]

    View Details
  • Hackers Exploit Apache Struts Vulnerability to Compromise Corporate Web Servers


    A remote code execution vulnerability affecting the default Jakarta Multipart parser in Apache Struts has recently been disclosed.

    View Details
  • “Ticketbleed” Flaw Exposes F5 Appliances to Remote Attacks


    A vulnerability, colloquially referred to as Ticketbleed vulnerability has been discovered in the TLS/SSL stack used by F5 Networks Inc. in their BIG-IP products. This vulnerability affects BIG-IP SSL virtual servers with the non-default session...

    View Details
  • Tax Season and W-2 Phishing


    Identity theft and tax refund fraud have been prevalent in United States for some time. Now that tax season is upon us, threat actors will increase their efforts to gain access to employee information on a company-wide scale through targeted...

    View Details