Two hacker groups used same IE 0-day exploit in recent attacks
The recently spotted watering hole attacks aimed at the visitors of the official website of the US Veterans of Foreign Wars and of a bogus website mimicking that of the French …
New detection system spots zero-day malware
A group of researchers has created a new infection detection system that can help Internet service providers and large enterprises – or anyone running large-scale …
IE 0-day used in watering hole attack tied to previous campaigns
An Internet Explorer zero-day vulnerability (CVE-2014-0322) is actively exploited in the wild in a watering-hole attack targeting visitors to the official website of the U.S. …
Windows, IE, Java are most vulnerable
When compared with the numbers from the previous year, 2013 has seen an increase in reported security vulnerabilities and, what’s more, the number of critical …
Pwn2Own 2014: $150,000 for an “exploit unicorn”
There are a few new rules for this years’ edition of the Pwn2Own hacking contest and a huge new prize for an “Exploit Unicorn worthy of myth and legend” …
Researcher demonstrates SCADA zero-day, shares PoC
An Italian researcher well known for his exploration of industrial control systems (ICS) has demonstrated the exploitation of a zero-day flaw that can crash or lead to a …
OpenSUSE forums defaced via unknown vBulletin 0-day
The official forums of the openSUSE Linux distribution have been hacked and defaced by a Pakistani hacker that goes by the handle “H4x0r HuSsY.” According to THN, …
OpenX / Revive Adserver zero-day actively exploited in the wild
A zero-day vulnerability that allows attackers to gain back-end access to popular open-source advertising server OpenX Source has been discovered by Florian Sander, founder of …
IE flaw targeted in Aurora attacks still actively exploited
Regular software patching is often touted as one of the best things you can do to keep your computer safe against malware infection. Unfortunately, not all users follow that …
Configuring for security in a world of 0-days
Last month, Microsoft published two separate notices of 0-day vulnerabilities that were being used in the wild to attack Microsoft products. The first flaw is in a code …
vBulletin.com hacked, hackers trying to sell info on 0-day used
The developers of popular Internet forum software vBulletin have announced late on Friday that their network has been attacked and successfully breached, and that the hackers …
New IE 0-day actively exploited by Chinese attackers
After having discovered a new IE zero-day exploit being actively used in the wild, FireEye researchers have revealed that the watering hole attack is more than likely mounted …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD