vBulletin vulnerable to SQL injection
A Romanian hacking community has discovered and responsibly reported a critical SQL injection vulnerability found in the latest version (5.1.2) of the popular web forum …
Google goes to war against zero-days
Google has announced the launch of Project Zero, a dedicated internal team that will concentrate on finding zero-day vulnerabilities in Google’s and third-party software …
Researchers share details about recent IE 0-day exploit and its delivery
Given that Microsoft has closed the Internet Explorer 0-day vulnerability that was exploited to compromise US-based defense and financial firms, the Sourcefire vulnerability …
Microsoft updates IE against latest 0-day, updates also XP
Microsoft has issued an out of band security update to patch the zero day vulnerability that affects all versions of Internet Explorer and is being actively exploited in the …
Flash 0-day exploited in watering hole attacks, Adobe provides patch
Adobe has pushed out new versions of Flash Player for Windows, Mac and Linux, as a newly discovered zero-day vulnerability affecting the software is being actively exploited …
IE 0-day exploit actively used in attacks against US-based firms
Late on Saturday, Microsoft has published a security advisory warning about “limited, targeted attacks” exploiting a newly discovered zero day vulnerability that …
0-day Microsoft Word flaw exploited in targeted attacks
Microsoft has issued a security advisory warning of a remote code execution vulnerability that is being exploited in “limited, targeted attacks directed at Microsoft …
Full Disclosure mailing list closure elicits mixed reactions
The Full Disclosure mailing list has long been the perfect place for security researchers to disclose and discuss newly found vulnerabilities. But John Cartwright, one of its …
Criminals rush to exploit IE 0-day before the announced fix
Last week Microsoft has announced that today’s Patch Tuesday will include a fix for the critical IE zero-day vulnerability that was found exploited in watering hole …
Microsoft testing EMET’s new protection mechanisms
Just as researchers made public their successful attempt of creating attack code for bypassing the protections of the latest version of Microsoft’s Enhanced Mitigation …
Adobe fixes Flash 0-day
Adobe released their second out-of-band update for Adobe Flash this month. APSB14-07 fixes three vulnerabilities in Adobe Flash, including CVE-2014-0502 which is being used in …
Microsoft issues Fix it for critical IE 0-day exploited in attacks
Microsoft has finally issued a security advisory addressing the IE zero-day that has been recently actively exploited in attacks in the wild, and has followed with a Fix it …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD