Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites

Saturday, April 15th, 2017

There is a phishing attack that is receiving much attention today in the security community. As a reminder: A phishing attack is when an attacker sends you an email that contains a link to a malicious website. You click on the link because it appears to be trusted. Merely visiting the ...

Most of the Shadow Brokers exploits are already patched

Saturday, April 15th, 2017

This is getting a ton of press lately, but here is Microsoft's response to the latest leaks: Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and ...

Booby-trapped Word documents in the wild exploit critical Microsoft 0day

Saturday, April 8th, 2017

There's a new zeroday attack in the wild that's surreptitiously installing malware on fully-patched computers. It does so by exploiting a vulnerability in most or all versions of Microsoft Word. The attack starts with an e-mail that attaches a malicious Word document, according to a blog post published Saturday by researchers ...

Fake Font Update on Google Chrome Uses Social Engineering to Infect Users with Ransomware

Friday, February 24th, 2017

We’ve seen social engineering attacks manipulate users time and time again. From phishing emails, to baiting attempts – this breed of cyberthreat has continued to manipulate users for years. And now a new scam has emerged that utilizes a fake update on Google Chrome to trick users into downloading and ...

Announcing the first SHA1 collision

Friday, February 24th, 2017

Cryptographic hash functions like SHA-1 are a cryptographer’s swiss army knife. You’ll find that hashes play a role in browser security, managing code repositories, or even just detecting duplicate files in storage. Hash functions compress large amounts of data into a small message digest. As a cryptographic requirement for wide-spread ...