Spyware linked to NSO Group has exploited a newly discovered flaw in Apple devices, Citizen Labs has warned
News exploit
Nearly Half Of Ransomware Victims Pay Up, Sophos Finds
Sophos report finds ransomware encryption attacks at their highest level for four years, with 66 percent of organisations being targetted
Tech Industry Scrambles Over Log4j Vulnerability
Vulnerability found in Apache logging library Log4j exposes popular apps, websites and online services to attack and exploitation
Apple Sues NSO To ‘Curb Abuse Of State-Sponsored Spyware’
Tech giant Apple adds to growing pressure on NSO by filing a lawsuit against the surveillance specialist for targetting its users
Apple iPhone Exploit Allows Users To ‘Jailbreak’ Devices
Fully updated Apple devices contain the exploit that allows the first public jailbreak for Apple's iOS operating system for nearly four years
Apple Denies iPhone Mail Flaw Has Been Used In The Wild
Disputes claim by researcher ZecOps that the iPhone Mail flaws have been exploited at least six times against high-profile victims
WhatsApp Sues NSO For ‘Advanced’ Surveillance Hack Claim
Facebook division files lawsuit against NSO Group, because of alleged surveillance tool exploit
SAP Flaw Leaves 50,000 Companies Vulnerable
New exploits targeting SAP business applications released in a public forum, warn security researchers
Home Secretary ‘Demands’ Action From Tech Firms On Child Abuse
Sajid Javid pledges more cash, and demands tech giants tackle online child sexual abuse, or face legislation
Microsoft Disables Intel’s Spectre Patch
Microsoft issues emergency update to disable Intel’s Spectre 2 patch, amid reports of data loss caused by reboots
Intel Confirms Newer Chips Impacted By Spectre, Meltdown Patches
Chip giant admits patches will cause reboot problems for newer chips and clarifies likely performance impact
Meltdown & Spectre: Intel Chip Exploit Also Impacts ARM, AMD Chips
'Not just us' says Intel, as ARM and AMD are also said to be vulnerable to one of the flaws
Servers Affected By Serious Flaw In Unix-Like Systems
Linux, BSD and Solaris are all affected by memory management bugs that could allow attackers to execute malicious code
Flash Patched After Rosetta Exposes Serious Vulnerability
Users urged to patch Adobe Flash as soon as possible after discovery of a new vulnerability
Security: The Fine Line Between Disclosure And Violation
Apple and Facebook had to decide whether hackers had disclosed useful data, or violated their terms, says Sean Michael Kerner
Post-PWN2OWN: Are Exploit Sellers Playing Nicer?
PWN2OWN paid money for security attacks. It could mark a turning point controversy over exploit sellers, says Tom Brewster
Pwnium 2 Closes After A Single Submission
The $2 million Chrome hacking competition yielded just one serious exploit
Flashback Mac OS X Trojan Spread Via WordPress Blogs
Mac OS X users were infected with the Flashback malware via hijacked WordPress websites, according to Kaspersky researchers
Kaspersky Lab Discovers Invisible Memory-Only Bot
The clever Russian malware hides in RAM and spreads trough banners on news websites
Exploit Tools Armed To Attack New Java Flaw
Two exploit kits begin attacks on systems unpatched against new cross-platform Java flaw
Large Enterprises Fail Social Engineering Tests
DefCon staged a social engineering test on 14 major companies which harvested information with ease
US Critical Infrastructure Weathers Cyber-Assaults
The US' critical infrastructure is facing a growing number of attacks, says the Department of Homeland Security
Traditional Defences Can’t Stop APT, Zero-Day Threats
Security vendor warns that antivirus and intrusion prevention are not enough to stop cyber-attackers
Facebook Exploit App Toolkits Going Cheap
Websense uncovered a toolkit for building rogue "Who Tracks You" Facebook applications selling for £15
Zeus Malware Targets Security Researchers
An exploit toolkit linked to the Zeus trojan has been used as a honeypot to attack researchers and rivals
Zero-Day Flaw In Internet Explorer Exploited In Spam Attack
A malware attack has been exploiting a zero-day vulnerability in Internet Explorer, prompting Microsoft to issue an advisory
Microsoft Reports Over Six Million Java Attacks In Q3
Six million attacks in the third quarter of 2010 targeted just three Java vulnerabilities, Microsoft reported
Foxconn Strongly Rejects Abuse Claims
Taiwanese tech manufacturer Foxconn has strenuously rejected 'unsubstantiated allegations' in the Chinese media that its staff are being abused
Complexity Of Security Exploits Increasing
Exploits are getting more complex, reports HP TippingPoint DVLabs, Qualys and The SANS Institute
Why Selling Exploits Is A Good Idea
An online market for security exploits sounds a dangerous concept - in fact, it's a good idea that should help keep companies safe, says Peter Judge