Adobe Flash Player reaches end-of-life

Adobe Flash Player has reached end-of-life. Here’s why you might want to uninstall it.

Read more

Malsmoke operators abandon exploit kits in favor of social engineering scheme

Threat actors behind malsmoke, one of the largest malvertising campaigns we’ve seen in recent months, have switched malware delivery tactics.

Read more

Taurus Project stealer now spreading via malvertising campaign

The Taurus Project stealer gains an additional distribution vector via exploit kit.

Read more

Malvertising campaigns come back in full swing

Threat actors monetize on adult traffic in several large malvertising campaigns.

Read more

Copycat criminals abuse Malwarebytes brand in malvertising campaign

This fake, copycat Malwarebytes site was set up by cybercriminals to distribute malware in a malvertising campaign. We examine the campaign—and the criminals’ motives.

Read more

A week in security (November 18 – 24)

A roundup of cybersecurity news from November 18 – 24, including Coalition against stalkerware, exploit kits, ransomware, data leaks, and juice jacking.

Read more

Pulse VPN patched their vulnerability, but businesses are trailing behind

After a vulnerability in a popular business VPN solutions was discussed at length and an easy to use exploit is available, organizations still fail to apply the patch. What’s up?

Read more

Five years later, Heartbleed vulnerability still unpatched

The Heartbleed vulnerability was discovered and fixed in 2014, yet today—five years later—there are still unpatched systems.

Read more

The Hidden Bee infection chain, part 1: the stegano pack

The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

Read more

A week in security (July 29 – August 4)

A roundup of security news from July 29 – August 4 including Capital One breach, Lord Exploit Kit, more Magecart skimming, ATM attacks, QR code scams, and Equifax payout.

Read more

Select your language