0-days found in widely used Belkin router, fixes still unavailable
CERT/CC has issued a warning about the existence of several serious zero-day vulnerabilities affecting the popular Belkin N600 routers, and has offered advice on how users can …
Researcher releases exploit for OS X 0-day that gives root access
Italian security researcher Luca Todesco has published PoC exploit code for a newly discovered zero-day privilege escalation flaw affecting OS X Yosemite (v10.10) and …
Google plugs Google Admin app sandbox bypass 0-day
After having had some trouble with fixing a sandbox bypass vulnerability in the Google Admin Android app, the Google Security team has finally released on Friday an update …
Darkhotel spying crew boosts attacks with Hacking Team exploit
Kaspersky Lab has discovered that the Darkhotel group, an elite spying crew uncovered by its experts in 2014 and famous for infiltrating Wi-Fi networks in luxury hotels to …
Pentagon’s unclassified email system breached, Russian hackers blamed
Pentagon’s Joint Staff unclassified email system, used by 4,000 military and civilian personnel, has been compromised by attackers, and it has been taken offline until …
Vulnerabilities in 2015: 0-days, Android vs iOS, OpenSSL
Secunia has taken an early peek at the trend in vulnerabilities for 2015, and has presented the results at Black Hat USA 2015. Seven months into the year, the number of …
Zero-day disclosure-to-weaponization period cut in half
There’s no doubt about it: the batch of stolen information leaked in the wake of the Hacking Team breach was a boon for exploit kit developers.Not only did it contain a …
Hackers actively exploiting OS X zero-day to root machines, deliver adware
“Attackers are actively exploiting a zero-day privilege escalation vulnerability affecting the latest version of Apple’s OS. The bug’s existence has been …
Microsoft plugs another Windows zero-day with emergency patch
Microsoft has released an emergency update that plugs a critical zero-day vulnerability (CVE-2015-2426) that affects all supported versions of Windows and could allow …
Firefox blocks Flash plugin by default until zero-days are fixed
For the last few years, many security experts have been urging users to evaluate whether they actually need to use Adobe Flash.The platform, once practically unavoidable, now …
First Java zero-day in two years exploited by Pawn Storm hackers
Another zero-day vulnerability is being exploited in attacks spotted in the wild: this time, the targeted software is Java.The flaw was spotted by Trend Micro researchers, who …
Two more Flash 0-day exploits found in Hacking Team leak, one already exploited in the wild
Exploits for two more Adobe Flash 0-days have been found in the leaked Hacking Team data. The existence of the vulnerabilities has been acknowledged by Adobe with a security …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments