vulnerabilitiesSecurity of Electron-based desktop applications
A few words on why desktop applications based on the Electron framework should be approached with caution.
vulnerabilities
132 articles
windowsWrong system time and insecure Secure Time Seeding
Why the Windows system time can suddenly change, and how to stop it from happening.
What to patch first: prioritizing updates
Some thoughts on what PC software patches should be prioritized and why.
Zenbleed: new hardware vulnerability in AMD CPUs
Explaining an issue in popular PC and server CPUs in simple terms.
VPNHow to fix TunnelCrack VPN leaks
What caused a mass vulnerability in VPN clients, and how to keep them working.
CVE-2017-11882: five years of exploitation
It means that some companies still have not installed MS Office patches that were published 5 years ago.
Band-aid on a… corpse: Microsoft patches IE — again
July Microsoft Patch Tuesday: a collection of exploited vulnerabilities.
New hardware vulnerability in Intel processors
A brief, plain-language explanation of an advanced method of data theft using features of modern CPUs.
Internet Explorer is finally dead. Or is it?
In its February update, Microsoft buried Internet Explorer once and for all. Or did it? We investigate what really happened.
ChromeAnd now it’s Chrome needs updating!
Why you should update to the latest version of Google Chrome, Microsoft Edge, Opera, Yandex Browser, Vivaldi, Brave and other Chromium-based browsers.
iOSUpdate iOS and macOS right now — again!
Once again, very serious vulnerabilities have been found in Apple operating systems. Don’t delay updating to iOS 16.4.1 and macOS 13.3.1. Please note that updates are also available for iOS 15 and macOS 11 and 12.
CVE-2023-28252 zero-day vulnerability in CLFS
Kaspersky experts discover a CLFS vulnerability being exploited by cybercriminals.
Remote hacking of Samsung, Google and Vivo smartphones: the problem and the solution
Vulnerabilities found in the Exynos chipset allow Samsung, Vivo and Google smartphones to be remotely hacked if the owner’s phone number is known. How is this possible, and how to protect yourself?
Why you need to update iOS and macOS ASAP
You shouldn’t put off updating to iOS 16.3 and macOS Ventura 13.2 and future updates, and here’s why.
Major Android vulnerability goes unclosed for… almost six months!
One of the most curious and menacing bugs in Android smartphones, and the problems they had closing it.
Newly-discovered Signal vulnerabilities — how dangerous are they?
Researchers have found vulnerabilities in the desktop client of the Signal messenger. Let’s see how dangerous they really are.
Cybersecure Christmas
Many hacks have started during Christmas holidays. A few simple tips will reduce the chances of your company becoming the next victim.
Log4Shell a year on
A year after discovery, the Log4Shell vulnerability is still making itself felt.
The Long Road to Safe RAM Handling
We investigate the connection between software security and leaks when handling RAM.
Prices down, miners up
In 2022, cryptocurrency prices fell sharply, but malicious miners are more active than ever.
The consequences of a years-old SQLite vulnerability
An interesting bug in one of the most popular embedded DBMS.