Vulnerabilities

Using OPSWAT to Manage Confidentiality for your Zoom Meetings

May 18, 2020
Author: Khanh Nguyen Yen, Software Engineer II, OPSWAT Background There are many organizations and individuals that create their own encryption schemes. While there are security advantages to using a custom scheme, the disadvantages are...

Defending Against COVID-19 Related Cyberattacks

April 02, 2020 by Ioana Tataran
In difficult times, when the world experiences major disruptions like a pandemic, people become irrational, at many times acting out of fear rather than their true feelings and beliefs. Fear of misinformation, lack of resources, unprepared...

An Overview of OPSWAT File-based Vulnerability Detection

March 18, 2020
Author: Vinh T. Nguyen - Team Leader Introduction A vulnerability in a computer system is a weakness that an attacker can exploit to use that system in an unauthorized way [1]. Software vulnerability, in particular, is a cyber-security...

Privilege Escalation to System User on Windows 10 using CVE-2019-1405 and CVE-2019-1322

February 07, 2020
Author: Vuong Doan Minh, Software Engineer, OPSWAT Introduction Privilege escalation is a type of exploit that provides malicious actors with elevated access rights to protected resources in an application or operating system. Exploit...

BlueKeep: Detecting and Remediating a Critical and Wormable Remote Code Execution Vulnerability

December 26, 2019
Author: Khanh Nguyen Yen, Software Engineer, OPSWAT Introduction What is BlueKeep? BlueKeep is a critical remote code execution vulnerability that exists in Remote Desktop Services (formerly known as Terminal Services), one of...

Remote Code Execution Vulnerability in VLC - Detection & Remediation with OPSWAT

November 13, 2019
Author: Thuong Truong Hoai, Software Engineer, OPSWAT Introduction VideoLAN VLC Media Player 2.2.x is prone to a Use-After-Free vulnerability, which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed...

Shadow IoT: A Fine Kettle Of Fish

October 09, 2019
Author: Randy Abrams, Sr. Security Analyst, OPSWAT. We all have a fairly good idea of what IoT is. Depending upon who you talk to, IoT is the Internet of Things, the Insecurity of Things, or the Internet of Terror. If you work in an...
Sign up for Blog updates
Get information and insight from the leaders in advanced threat prevention.