Questioning Google’s disclosure timeline motivations
The presence of 0-day vulnerability exploitation is often a real and considerable threat to the Internet – particularly when very popular consumer-level software is the …
Google defines disclosure timeline for actively exploited bugs
The debate regarding responsible vulnerability disclosure and full vulnerability disclosure has been started many times in the past, and it’s an issue that will continue …
Google researcher reveals another Windows 0-day
Tavis Ormandy – the Google researcher known for discovering a slew of Windows, Java and Flash Player vulnerabilities and zero-days and his combative attitude regarding …
A look into the EC Council hack
Update: Wednesday, 22 May 2013 – Tal Be’ery: “We had analyzed a screenshot of what we had thought at the time the current EC council site hack. Later we had …
U.S. government tops list of malware buyers
While vocally and repeatedly tying all kinds of discovered cyber attacks to Chinese hackers, the U.S. has quietly been working on their own cyber offensive capabilities …
Microsoft releases Fix it for critical IE8 0-day
Microsoft has released a one-click Fix it for mitigating the effect of the IE 8 zero-day vulnerability that is being used in watering hole attacks in the wild. Given that a …
IE8 0-day used in watering hole attacks
Last week a U.S. Department of Labor website was discovered to be redirecting users to sites serving a hard-to-detect variant Poison Ivy backdoor Trojan. Researchers are now …
Dangerous beans: Oracle deep in the storm
Last week security researchers from FireEye discovered a new Java exploit that works against the latest versions of Java (version 6 update 41 and version 7 updated 15) making …
New Java 0-day exploited in ongoing attacks
FireEye has detected yet another Java zero-day vulnerability being exploited in attacks in the wild. Affected updates are Java v1.6 Update 41 and Java v1.7 Update 15 (released …
Facebook employees ambushed by zero-day exploit
Facebook is the latest big company to admit that they have been targeted with a “sophisticated” attack. The attack was triggered when a small number of Facebook …
Adobe offers mitigation for Reader 0-day attack, fix is yet to come
Adobe has confirmed FireEye researchers’ findings about new Adobe Reader and Acrobat zero-day vulnerabilities being exploited in the wild and has issued a security …
Adobe Reader zero-day exploit spotted in the wild
Researchers form security firm FireEye have found in the wild a PDF file that exploits a new zero-day vulnerability in Adobe Reader. “Upon successful exploitation, it …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments