Threat Post

Darkhotel Exploits Microsoft Zero-Day VBScript Flaw

The recently-patched flaw could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Researchers have discovered that the Darkhotel APT is ...
Dark Reading

Black Hat USA 2015: Exploit Dev Story

The Exploit Laboratory series has two advanced offerings to consider. Exploit Laboratory: Black Belt will cover advanced browser exploitation techniques, including DEP and ASLR bypass, ROP chaining ...
Network World

Cisco nixes conference session on hacking IOS router code

Cisco this week asked that a presentation on how to hack its IOS router software be pulled from a security conference in Las Vegas. A presentation called “The Holy Grail: Cisco IOS Shellcode Remote ...
Ars Technica

Solved: Why in-the-wild Bluekeep exploits are causing patched machines to crash

Recent in-the-wild attacks on the critical Bluekeep vulnerability in many versions of Windows aren’t just affecting unpatched machines. It turns out the exploits—which repurpose the September release ...
Dark Reading

Metasploit Adds iPhone Hacking Tools

The iPhone is now officially fresh meat: Metasploit creator HD Moore has added iPhone-hacking features to the wildly popular freebie penetration testing tool. (See Now Playing: Metasploit 3.0.) ...