LastPass zero-day can lead to account compromise
A zero-day flaw in the popular password manager LastPass can be triggered by users visiting a malicious site, allowing attackers to compromise the users’s account and …
Fix for actively exploited Flash Player 0day is out, patch ASAP!
Adobe has issued a patch for the Plash Player zero-day vulnerability (CVE-2016-4171) that is actively exploited by the ScarCruft APT group. The bug, discovered by Anton Ivanov …
Adobe Flash zero-day actively exploited in targeted attacks
A zero-day vulnerability affecting the latest version of Adobe Flash Player and all previous ones is being actively exploited in limited, targeted attacks, the company has …
Windows zero-day exploit offered for sale on underground market
Someone is selling an exploit for a Windows zero-day on an underground market for Russian-speaking cyber criminals, and the current price is set at $90,000. Trustwave …
Latest Flash 0day exploit delivered via booby-trapped Office file
Four days have passed since Adobe patched the latest Flash Player 0day vulnerability exploited in attacks in the wild and, in the meantime, we have been given more details …
Adobe patches Flash 0day exploited in attacks
The Adobe Flash Player update announced earlier this week is here, and it fixes more than just the zero-day flaw exploited in attacks in the wild. All in all, the latest …
0day alert: Be ready to update Adobe Flash Player tomorrow
On Tuesday, Adobe has pushed out security updates for Cold Fusion and Adobe Acrobat and Reader, but has also announced an update for Flash Player that should be released on …
OS X zero day bug allows hackers to bypass system integrity protection
An OS X zero day vulnerability could allow attackers to bypass System Integrity Protection, Apple’s newest protection feature, and to escalate their privileges, simplifying …
Sophisticated threats dictate future response strategies
Trend Micro released its annual security roundup report which dissects the most significant security incidents from 2015. The research confirms attackers are now bolder, …
Old, unpatched flaws exploited to achieve control of Windows systems, networks
Foxglove Security researcher Stephen Breen has demonstrated that you don’t need to exploit a 0-day or even a recently discovered vulnerability to gain the highest level …
0-day in Linux kernel endangers Linux servers, Android devices
A serious and pretty longstanding flaw in the Linux kernel has been recently discovered by researchers from infosec outfit Perception Point. The vulnerability (CVE-2016-0728) …
3G/4G cellular USB modems are full of critical security flaws, many 0-days
An analysis of popular 3G and 4G cellural USB modems and routers used around the world revealed a myriad of serious vulnerabilities in each of them.The SCADA Strange Love team …