Researchers deliver fix for Java 0-day to Oracle
Polish firm Security Explorations and its CEO Adam Gowdiak continue to be the a thorn in Oracle’s side by repeatedly questioning the giant’s decision not to issue …
“Watering hole” sites crucial to new cyber espionage campaign
RSA’s newly dubbed FirstWatch research team has recently presented their findings on a “water holing” campaign that they first spotted back in July. The …
Microsoft patches IE zero-day and Flash flaws in IE 10
Microsoft has delivered on its promise and has issued a security update for Internet Explorer to address the zero-day memory-corruption vulnerability in versions 9 and earlier …
Microsoft offers Fix it for IE zero-day, announces security update
Microsoft has released the Fix it solution for the IE zero-day memory-corruption vulnerability that is currently being exploited in attacks, and has promised a security update …
Microsoft promises fast fix for IE zero-day as new attacks are discovered
The problem of the remotely-exploitable IE zero-day memory-corruption vulnerability that is being misused in current attacks has reached a critical enough level for Microsoft …
Microsoft issues workaround for IE 0-day exploited in current attacks
Microsoft has issued a security advisory with advice on how to patch a Internet Explorer zero-day vulnerability recently spotted being exploited in the wild by attackers that …
Zero-day-loving Google hackers furiously active in last three years
The hackers behind the Aurora attacks that were discovered targeting Google, Adobe and other big U.S. companies in 2009 have seemingly been working hard ever since. Symantec …
Oracle patches Java 0-day, researchers say there’s another one
Oracle has finally issued an update for Java 7 (v 1.7.0_07) which solves the problem of the CVE-2012-4681 vulnerability (which actually consists of two distinct flaws). The …
Blackhole exploit kit got upgraded
Phoenix and Blackhole are the most popular and widely used exploit kits because their creators are always tinkering with them and pushing out update and improved attack …
Flame abused Windows Update to spread
You have probably already heard that Microsoft released an out-of-band update that revokes three rogue certificates that were used to sign a couple of modules of the recently …
Hotmail remote password reset 0-day bug found, patched
A critical security flaw affecting Microsoft’s Hotmail has been detected almost simultaneously by Vulnerability Lab researchers and a Saudi Arabia hacker and, until a …
Stuxnet was planted via infected memory stick
Although it has never been confirmed, the speculation that the Stuxnet worm was manufactured for the express reason of disrupting the production at Iran’s Natanz uranium …