Feb 23

Revisiting Meltdown and Spectre, Are the Updates Safe?

On January 3rd, 2018 the Meltdown and Spectre vulnerabilities were made public and meltdownattack.com was created to have a centralized place to publish the research papers and answer common questions.

read more →
Feb 06

Critical Vulnerability Found in Grammarly Spell Checker

Researchers have discovered a critical vulnerability in the Google Chrome and Firefox browser extension for the grammar checking software Grammarly. 

read more →
Feb 01

Massive Botnet Turns Windows Machines into Miners

Researchers have discovered a massive botnet that has taken over half a million Windows devices and turned them into cryptocurrency miners.

read more →
Dec 18

Dune Game Leaks Sensitive Data

Recently, researchers have discovered that the Android app “Dune!”, has been diseased with OWASP flaws is continuously leaking sensitive data.

read more →
Dec 08

Microsoft Releases Malware Patch for its…Malware Protection Engine

Yesterday, Microsoft released a patch to fix a remote code execution flaw, CVE-2017-11937, in its Malware Protection Engine (MPE).

read more →
Nov 29

Microsoft Word Vulnerability Allows Hackers to Gain Control of PCs

A Microsoft Word exploit has been active for 17 years, but only discovered and patched earlier this month.

read more →
Nov 15

Microsoft Office Vulnerability Lets Attackers Install Malware Without User Interaction

A new vulnerability in Microsoft Office has surfaced. The vulnerability is a memory corruption issue that resides in all versions of Microsoft Office that has been released in the past 17 years, which include Microsoft Office 365 and the latest version of Microsoft Windows 10.

read more →
Nov 06

Tor Browser Vulnerability

A Tor Browser vulnerability has surfaced in the wild dubbed “TorMoil” which leaks the users’ real IP addresses. The vulnerability affects Tor browser for MacOS and Linux but not Windows.

read more →
Oct 24

Microsoft Word DDE Exploit used in Malware Attacks

A new unpatched attack method has surfaced that exploits a built-in feature of Microsoft Office.

read more →
Oct 16

KRACK Attack WPA Vulnerabilities

Researchers have discovered and documented critical weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. The attack, dubbed KRACK (Key Reinstallation Attacks), allows attackers within range of the target wifi network to view seemingly “protected” information; and possibly “inject and manipulate” information, as well.

read more →