Elden Ring exploit traps players in infinite death loop

We take a look at a hack affecting people in the multiplayer component of the new Souls title Elden Ring, and how players avoided it.

Read more

Apply those updates now: CVE bypass offers up admin privileges for Windows 10

A CVE bypass offers up the possibility of admin privileges on Windows 10 machines. Find out what’s happened, and how you can avoid it.

Read more

Dark Souls servers taken offline over hacking fears

We look at an exploit used to invade gaming sessions of Dark Souls, leading to PvP servers being taken offline.

Read more

Keep Zoombombing cybercriminals from dropping a load on your meetings

In a zeitgeisty moment, Zoom has become the web conference tool of choice for everyone. Unfortunately, cybercriminals are taking note and Zoombooming the public. We show readers how to protect against this intrusion of privacy.

Read more

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

Read more

A week in security (March 2 – 8)

A roundup of the previous week’s security headlines, including the introduction of a new series on child identity theft, an examination of law enforcement’s cybersecurity woes, a progress check on our stalkerware initiative, and more coronavirus scammers on the prowl.

Read more

Pulse VPN patched their vulnerability, but businesses are trailing behind

After a vulnerability in a popular business VPN solutions was discussed at length and an easy to use exploit is available, organizations still fail to apply the patch. What’s up?

Read more

New iOS exploit checkm8 allows permanent compromise of iPhones

A new exploit for iOS enables attackers to gain permanent access to iPhones, iPads, Apple Watches, and more—with zero potential for patching. Learn why this is possibly the biggest security news for iOS since its inception.

Read more

4 lessons to be learned from the DOE’s DDoS attack

The Department of Energy was subject to a DDoS attack that caused major disruptions in their operations. Is the smart grid ready for such an attack? Here are the lessons we can take away from the event.

Read more

Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability

This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?

Read more

Select your language