Flawed reused code opens zero-day in Cyanogenmod
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with …
CIA’s venture firm CISO offers singular solutions for cyber problems
In a eclectic keynote delivered to the Black Hat conference audience, Dan Geer, CISO at In-Q-Tel, made known his thoughts on and ideas about a number of things: from Internet …
Symantec issues update fixing Endpoint Protection zero-day
Symantec has issued updates for its Endpoint Protection solution that fix the zero-day escalation of privilege vulnerability recently discovered by Offensive Security …
0-days found in Symantec Endpoint Protection
While testing of the systems and networks of a financial services company, a team of penetration testers from Offensive Security have unearthed a number of vulnerabilities, …
Internet Explorer vulnerabilities increase 100%
Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more …
Critical de-anonymization 0-days found in Tails
Tails, the security-focused Debian-based Linux distribution favoured by Edward Snowden, journalists and privacy-minded users around the world, sports a number of critical …
vBulletin vulnerable to SQL injection
A Romanian hacking community has discovered and responsibly reported a critical SQL injection vulnerability found in the latest version (5.1.2) of the popular web forum …
Google goes to war against zero-days
Google has announced the launch of Project Zero, a dedicated internal team that will concentrate on finding zero-day vulnerabilities in Google’s and third-party software …
Researchers share details about recent IE 0-day exploit and its delivery
Given that Microsoft has closed the Internet Explorer 0-day vulnerability that was exploited to compromise US-based defense and financial firms, the Sourcefire vulnerability …
Microsoft updates IE against latest 0-day, updates also XP
Microsoft has issued an out of band security update to patch the zero day vulnerability that affects all versions of Internet Explorer and is being actively exploited in the …
Flash 0-day exploited in watering hole attacks, Adobe provides patch
Adobe has pushed out new versions of Flash Player for Windows, Mac and Linux, as a newly discovered zero-day vulnerability affecting the software is being actively exploited …
IE 0-day exploit actively used in attacks against US-based firms
Late on Saturday, Microsoft has published a security advisory warning about “limited, targeted attacks” exploiting a newly discovered zero day vulnerability that …