Wana Decrypt0r Ransomware Using NSA Exploit Leaked by Shadow Brokers Is on a Rampage

Friday, May 12th, 2017

Ransomware scum are using an SMB exploit leaked by the Shadow Brokers last month to fuel a massive ransomware outbreak that exploded online today, making victims all over the world in huge numbers. The ransomware's name is WCry, but is also referenced online under various names, such as WannaCry, WanaCrypt0r, WannaCrypt, ...

Explained – How Intel AMT Vulnerability Allows to Hack Computers Remotely

Friday, May 5th, 2017

Earlier this week Intel announced a critical escalation of privilege bug that affects its remote management features shipping with Intel Server chipsets for past 7 years, which, if exploited, would allow a remote attacker to take control of vulnerable PCs, laptops, or servers. The vulnerability, labeled CVE-2017-5689, affects Intel remote management ...

Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites

Saturday, April 15th, 2017

There is a phishing attack that is receiving much attention today in the security community. As a reminder: A phishing attack is when an attacker sends you an email that contains a link to a malicious website. You click on the link because it appears to be trusted. Merely visiting the ...

Most of the Shadow Brokers exploits are already patched

Saturday, April 15th, 2017

This is getting a ton of press lately, but here is Microsoft's response to the latest leaks: Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and ...

Booby-trapped Word documents in the wild exploit critical Microsoft 0day

Saturday, April 8th, 2017

There's a new zeroday attack in the wild that's surreptitiously installing malware on fully-patched computers. It does so by exploiting a vulnerability in most or all versions of Microsoft Word. The attack starts with an e-mail that attaches a malicious Word document, according to a blog post published Saturday by researchers ...