Zero-day-loving Google hackers furiously active in last three years
The hackers behind the Aurora attacks that were discovered targeting Google, Adobe and other big U.S. companies in 2009 have seemingly been working hard ever since. Symantec …
Oracle patches Java 0-day, researchers say there’s another one
Oracle has finally issued an update for Java 7 (v 1.7.0_07) which solves the problem of the CVE-2012-4681 vulnerability (which actually consists of two distinct flaws). The …
Blackhole exploit kit got upgraded
Phoenix and Blackhole are the most popular and widely used exploit kits because their creators are always tinkering with them and pushing out update and improved attack …
Flame abused Windows Update to spread
You have probably already heard that Microsoft released an out-of-band update that revokes three rogue certificates that were used to sign a couple of modules of the recently …
Hotmail remote password reset 0-day bug found, patched
A critical security flaw affecting Microsoft’s Hotmail has been detected almost simultaneously by Vulnerability Lab researchers and a Saudi Arabia hacker and, until a …
Stuxnet was planted via infected memory stick
Although it has never been confirmed, the speculation that the Stuxnet worm was manufactured for the express reason of disrupting the production at Iran’s Natanz uranium …
0-day in Backtrack Linux found, patched
A zero-day vulnerability affecting the last version of Backtrack Linux has been spotted by a student during an Ethical Hacking class organized by the InfoSec Institute. The …
Microsoft warns of targeted attacks exploiting Windows flaw
With the April Patch Tuesday, Microsoft has issued six bulletins – four critical, two important – and has delivered patches for 11 vulnerabilities. One particular …
IE 9 hacked at Pwn2Own, Google patches Chrome bugs
After the success they had with attacking Google’s Chrome browser, the team of vulnerability researchers from French firm VUPEN has also managed to hack …
0-day risk analysis service by Qualys
Qualys launched Zero-Day Risk Analyzer, a new service to help companies protect their IT systems against zero-day attacks which is delivered as part of the QualysGuard Cloud …
Pwn2Own 2012: Changed rules, bigger prizes, no more mobile hacks
Pwn2Own, one of the most anticipated hacking contests that takes place each year at the CanSecWest conference in Vancouver, British Columbia, is set to unfold under …
Yahoo Messenger bug allows status message hijacking
Yahoo Messenger users are in danger of getting their status messages changed without their consent and finding themselves inadvertently peddling malware. The zero-day exploit …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD