IE 0-day used in watering hole attack tied to previous campaigns
An Internet Explorer zero-day vulnerability (CVE-2014-0322) is actively exploited in the wild in a watering-hole attack targeting visitors to the official website of the U.S. …
Windows, IE, Java are most vulnerable
When compared with the numbers from the previous year, 2013 has seen an increase in reported security vulnerabilities and, what’s more, the number of critical …
Pwn2Own 2014: $150,000 for an “exploit unicorn”
There are a few new rules for this years’ edition of the Pwn2Own hacking contest and a huge new prize for an “Exploit Unicorn worthy of myth and legend” …
Researcher demonstrates SCADA zero-day, shares PoC
An Italian researcher well known for his exploration of industrial control systems (ICS) has demonstrated the exploitation of a zero-day flaw that can crash or lead to a …
OpenSUSE forums defaced via unknown vBulletin 0-day
The official forums of the openSUSE Linux distribution have been hacked and defaced by a Pakistani hacker that goes by the handle “H4x0r HuSsY.” According to THN, …
OpenX / Revive Adserver zero-day actively exploited in the wild
A zero-day vulnerability that allows attackers to gain back-end access to popular open-source advertising server OpenX Source has been discovered by Florian Sander, founder of …
IE flaw targeted in Aurora attacks still actively exploited
Regular software patching is often touted as one of the best things you can do to keep your computer safe against malware infection. Unfortunately, not all users follow that …
Configuring for security in a world of 0-days
Last month, Microsoft published two separate notices of 0-day vulnerabilities that were being used in the wild to attack Microsoft products. The first flaw is in a code …
vBulletin.com hacked, hackers trying to sell info on 0-day used
The developers of popular Internet forum software vBulletin have announced late on Friday that their network has been attacked and successfully breached, and that the hackers …
New IE 0-day actively exploited by Chinese attackers
After having discovered a new IE zero-day exploit being actively used in the wild, FireEye researchers have revealed that the watering hole attack is more than likely mounted …
New Microsoft 0-day vulnerability under attack
Microsoft has released security advisory KB2896666 informing of a vulnerability (CVE-2013-3906) in the TIFF graphics format that is seeing limited attacks in the Middle East …
Patched IE zero-day and older flaw exploited in ongoing targeted attacks
With this month’s Patch Tuesday, Microsoft has delivered the patch for the infamous Internet Explorer zero-day (CVE-2013-3893) that has been spotted being used in …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments