February 27, 2017 Collision Attack Sounds the Death Knell for SHA-1 Cryptographic Function 2 min read - Google's announcement of the first-ever collision attack means the Secure Hash Algorithm 1 (SHA-1) is officially no longer secure.
February 23, 2017 Browser Bully? Malicious Google Chrome Extension Pushes User Buttons 2 min read - A malicious Google Chrome extension is making the rounds to deliver malvertising. Here's how it works and how to avoid getting scammed.
February 22, 2017 New Google Phishing Report: The Lure of Corporate Inboxes 2 min read - A new phishing report from Google Research makes it clear: Corporate inboxes lure the largest number of phishing and malware attacks.
February 20, 2017 Microsoft Patching Delay: A Huge Hacking Valentine? 2 min read - A patching delay has pushed new Microsoft updates back until March. Is this a belated Valentine's Day gift for cybercriminals?
January 31, 2017 Google’s JavaScript Ban Boosts SVG Image Misuse 2 min read - Cybercriminals have responded to Google's impending JavaScript ban by launching phishing attacks that seek to spread via infected SVG image files instead.
January 31, 2017 New Root Certificate Authority From Google Builds Foundations for Secure Web 2 min read - Google launched its own root certificate authority as part of a push to implement the secure web protocol HTTPS across all its services and products.
Software Vulnerabilities January 17, 2017 Going Inside an Arbitrary Kernel Write Vulnerability in the Nexus 9 (CVE-2016-3873) 3 min read - The IBM X-Force Application Security Research Team discovered an arbitrary write vulnerability in Nexus 9's kernel, putting application data at risk.
January 16, 2017 GoDaddy Goofs Up on SSL Certificate Security 2 min read - GoDaddy had a SSL certificate security problem. A flawed authentication protocol caused the site to revoke 9,000 SSL certificates.
January 12, 2017 Ad Fraud Generates Cash for Cybercriminals and Pain for Website Managers 2 min read - Security researchers discovered two unrelated ad fraud campaigns in which cybercriminals hijacked clicks from authentic Google advertisements.
Software Vulnerabilities January 5, 2017 Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes 4 min read - X-Force researchers disclosed several Android vulnerabilities that could enable cybercriminals to use custom boot modes to take over Nexus 6 and 6P modems.