An exploit (from the verb to exploit, in the meaning of using something to one’s own advantage) is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behaviour to occur on computer software, hardware, or something electronic (usually computerised).
All stories in Exploit (computer security)
-
Pardon the Intrusion #32: When an exploit becomes a work of art
Google Project Zero have been adept at finding security flaws, but this impressive new disclosure from Ian Beer beats everything ...
-
MacOS security bug could allow a bogus version of Safari to steal your data
Last year, Apple expanded its security bounty program to include macOS after several years of offering the same for iPhone ...
-
The $2.6B Escobar vs. Apple lawsuit — here’s what the experts have to say
The $2.6 billion Escobar vs. Apple lawsuit seems like it's full of shit, so we asked some people in the know. And, yeah, ...
-
Coronavirus hype leads New York's top lawyer to probe Zoom over security
Zoom so far says its school services are in line with federal laws, but let's see if that tune changes with New York's top ...
-
How a shady anti-piracy company got Google to take down posts containing the word 'did'
A copyright watchdog service recently convinced Google to hide Search listings for websites containing the word “did,” ...
-
How to implement a ‘threat model’ to beef up your organization’s security
A threat model is the most effective way to take stock of your company’s security and make sure it’s continuously up-to-date. ...
-
Amazon Ring owners foil $400K Bitcoin extortion plot by removing batteries
Hackers will do anything to get their hands on Bitcoin. Extortionists managed to breach Ring cameras to demand cryptocurrency ...
-
Bitcoin ransomware hacker must pay $356K or spend 2 more years in prison
A jailed hacker responsible for distributing highly effective Bitcoin-demanding ransomware campaigns has been ordered to ...
-
Bugs in Qualcomm chips leaked private data from Samsung and LG phones
Researchers have disclosed a set of vulnerabilites affecting Qualcomm chipsets that could allow a potential attacker to steal ...
-
Hackers inject 'coin-stealing' malware into official Monero cryptocurrency wallet
Privacy-focused cryptocurrency Monero has warned users that hackers compromised its official website after a coin stealer. ...
-
WhatsApp fixes bug that would have let hackers exploit devices using MP4 files
WhatsApp has fixed a vulnerability involving involves malicious MP4 video files that could potentially allow an attacker ...
-
Hackers are using a bug in PHP7 to remotely hijack web servers
Things are going to get worse before they get better.
-
Facebook removes accounts used to distribute malware since 2014
Facebook has shut down more than 30 accounts that were found to be spreading malware through malicious links that claimed ...
-
Google's Titan Security Keys can be hijacked remotely, replace yours now
Google is recalling Bluetooth versions of its Titan Security Key after it found a vulnerability that allows attackers in ...
-
Researchers find Bitcoin sextortion malware also mines Monero
This malware can also read clipboard data and replace Bitcoin addresses with its own, presumably to redirect any transactions ...
-
Attackers actively exploiting 'Simjacker' flaw to steal device data and spy on individuals (Updated)
Cybersecurity researchers have warned of a critical vulnerability in SIM cards that could allow remote attackers to spy on ...
-
A bug in Indian local search app exposed over 156 million accounts
A major flaw in an Indian local search app, Justdial, allowed hackers to log in to any of its 156 million users accounts. Apart ...
-
Adware campaign exploits Chrome and Safari bugs to serve over 1B malicious ads
eGobbler exploits "obscure" bugs in WebKit and Chrome browsers to serve over 1 billion malicious ads in less than two months, ...
-
WhatsApp bug allowed hackers to steal files and messages with GIFs
A vulnerability in WhatsApp made it possible for attackers to gain access to your files nad messages by tricking you to open ...
-
Zero-day exploits: 14 things to remember when an issue is discovered
Zero-day exploits can be detrimental to businesses. However, depending on how you handle an incident when it occurs, you ...
-
Microsoft issues emergency Windows patch to address Internet Explorer zero-day flaw
Microsoft has issued an emergency out-of-band security update to address two critical vulnerabilities impacting Internet ...
-
Zcash network urged to update nodes immediately to push 'important security fix'
If you're running a Zcash node, you had better go download the latest software and update right now to avoid exposing the ...
-
Meet Panda, an illicit cryptocurrency mining crew terrorizing organizations worldwide
Panda isn't very sophisticated, but it is absolutely prolific: researchers say the crew could've earned roughly $90,000 in ...
-
Google researchers reveal data-stealing, web-based iPhone exploit that was active for years
Google's Project Zero discovers a small collection of malicious websites that could be used to hack iPhones using previously ...
-
Apple claps back at Google for spreading FUD in iOS exploit report
It was just last week that we covered a report by Google's Project Zero security researchers claiming they'd identified a malware campaign targeting iPhones for "at least two years." When successful, the exploit chain allowed iPhones to be compromised with no interaction from the ...
-
Nasty Glupteba malware uses Bitcoin blockchain to keep itself alive
Cybersecurity researchers have discovered an innovative new strain of malware that loads Bitcoin transactions with malicious ...
-
Researcher discloses second Steam zero-day exploit after being shut out of bug bounty program (Update: fixed in beta channel)
A second zero-day vulnerability has been publicly disclosed in Steam gaming client by security researcher Vasily Kravets ...
-
Kink in porn site exposes the personal data of over 1M users
A kink in adult site Luscious, which focuses on pornographic images and animations, allowed hackers to access the personal ...
-
Researchers hacked a Canon DSLR with ransomware demanding Bitcoin
Bitcoin demanding ransomware knows no bounds, and the latest potential victim? DSLR cameras. Researchers managed to exploit ...
-
WhatsApp's chat manipulation exploit remains unresolved even after a year (Updated)
Vulnerabilities uncovered in WhatsApp by cybersecurity firm Checkpoint can allow bad actors to exploit the platform to manipulate ...
-
This cryptocurrency stealing malware was blocked more than 360,000 times over the past year
According to the latest figures from cybersecurity firm Avast, a cryptocurrency stealing malware has been blocked more than ...
-
UN: North Korean cryptocurrency hackers have earned up to $2 billion so far
The financial impact of North Korea's cryptocurrency hacking exploits could be much larger than first thought, experts believe ...
-
Vicious malware threatens to turn search engine into crypto-mining zombie botnet
A strain of malware is targeting enterprise search engine Elasticsearch, forcing vulnerable servers to join a botnet of 'zombies.' ...
-
Monero security flaw could've seen XMR stolen from cryptocurrency exchanges
Monero devs have disclosed nine security vulnerabilities over the past two days - and some could have been outright devastating. ...
-
Dell patches vulnerability that put millions of PCs at risk — Update yours now
Dell released a security advisory urging consumers to update their laptops and PCs to patch a security vulnerability the ...
-
Hackers exploit Mozilla Firefox bug reportedly affecting Coinbase users
Mozilla has urged Firefox users to update their browsers immediately, after its team patched a critical security flaw appearing ...
-
Yet another cryptocurrency mining botnet caught targeting China
Security researchers have uncovered a Monero cryptocurrency mining botnet that seems to be targeting China. The botnet appears ...
-
Cryptocurrency hackers sneak malware into Oracle servers to mine Monero
Security researchers have identified another cryptocurrency mining malware. It's installing itself on Oracle servers, and ...
-
New cryptocurrency mining malware is spreading across Thailand and the US
Security researchers have uncovered a new malware family, called BlackSquid, that's attacking hardware to get it to secretly ...
-
Twitter bug accidentally shared location data of some iOS users
Twitter says it has fixed a security bug that resulted in a user's approximate location information being shared with an ...
-
Bitcoin has nearly 100,000 nodes, but over 50% run vulnerable code
The number of nodes on the Bitcoin network hovers around 100,000 - which is great for decentralization - but many remain ...
-
New cryptocurrency malware hijacks China's enterprises to mine Monero
Beapy is the next generation of cryptocurrency mining malware, with thousands of machines across Asia already infected to ...
-
Japan court lets Monero cryptojacker walk away free
A Japanese web designer is walking free after appearing in court for using his visitor's computers to mine cryptocurrency ...
-
Keep your digital life secure with these 6 simple tricks
Data breaches, widespread malware attacks, and microtargeted personalized advertising were lowlights of digital life in 2018. As ...