Why software has so many vulnerabilities, with Tanya Janca: Lock and Code S03E09

Today on Lock and Code, we speak with returning guest Tanya Janca about why so much of our software comes packaged with vulnerabilities.

Read more

Update now! Google releases emergency patch for Chrome zero-day used in the wild

Google’s rolled out a patch for Chrome that affects the V8 JavaScript engine. This high-severity flaw is currently being exploited.

Read more

MSHTML attack targets Russian state rocket centre and interior ministry

Someone is trying to use CVE-2021-40444 against valuable Russian targets.

Read more

A week in security (Sept 13 – Sept 19)

A round up of the previous week’s blogs and most interesting and relevant security events, hacks, and information.

Read more

Realtek-based routers, smart devices are being gobbled up by a voracious botnet

Yet again, recently disclosed vulnerabilities in smart devices are being exploited quickly to expand the Mirai botnet.

Read more

Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks: Lock and Code S02E15

On Lock and Code this week, we speak with Luta Security CEO and founder Katie Moussouris about how she hacked Clubhouse.

Read more

The story of ZeroLogon

ZeroLogon is a treasure for cybercriminals, an ongoing struggle for Microsoft, and a headache for everyone caught in the middle.

Read more

XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability

This tech support scam is being spread via Facebook links and uses several redirection mechanisms to avoid detection.

Read more

How CVSS works: characterizing and scoring vulnerabilities

CVSS, or Common Vulnerability Scoring System, provides developers, testers, and security professionals with a standardized process to assess vulnerabilities.

Read more

iOS Mail bug allows remote zero-click attacks

A newly-discovered vulnerability in iOS Mail can be used to attack an iPhone remotely using a malicious e-mail message, even if you’re running the latest version of iOS (13.4.1).

Read more

Select your language