Adobe Flash zero-day actively exploited in targeted attacks
A zero-day vulnerability affecting the latest version of Adobe Flash Player and all previous ones is being actively exploited in limited, targeted attacks, the company has …
Angler exploit kit bypasses EMET’s defenses
The infamous Angler exploit kit is now capable of bypassing the protections offered by Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), FireEye researchers …
Windows zero-day exploit offered for sale on underground market
Someone is selling an exploit for a Windows zero-day on an underground market for Russian-speaking cyber criminals, and the current price is set at $90,000. Trustwave …
DMA Locker ransomware ready for mass distribution
According to Malwarebytes’ researcher Hasherezade, we’re in for a lot of pain once the new and improved DMA Locker ransomware starts doing the rounds. Its first …
Almost all Android users vulnerable to Accessibility Clickjacking attacks
Symantec researchers recently posited that Android banking malware with screen overlay capabilities might soon start tricking users into turning on Android’s Accessibility …
Latest Flash 0day exploit delivered via booby-trapped Office file
Four days have passed since Adobe patched the latest Flash Player 0day vulnerability exploited in attacks in the wild and, in the meantime, we have been given more details …
0day alert: Be ready to update Adobe Flash Player tomorrow
On Tuesday, Adobe has pushed out security updates for Cold Fusion and Adobe Acrobat and Reader, but has also announced an update for Flash Player that should be released on …
Attackers keep flinging assorted ImageMagick 0day exploits
It’s been a week since the existence of several flaws affecting popular image processing library ImageMagick have been made public. At the time, one of these, a remote …
Exploit kits are the greatest danger for Windows users
Exploit kits are how most malware gets on victims’ computers and, according to Microsoft, encounters with exploit kits increased by more than a third from 3Q15 to 4Q15. …
For PoC exploits, go on Twitter
Proof-of-Concept exploits are increasingly being shared and discussed online, threat intelligence firm Recorded Future has discovered. Between March 22, 2015 and the present …
Web servers and sites under attack via ImageMagick zero-day flaw
A zero-day remote code execution flaw has been found in ImageMagick, an image processing library that allows image uploads from untrusted users (site visitors) and is widely …
Exploit kit targets Android devices, delivers ransomware
Ransomware hitting mobile devices is not nearly as widespread as that which targets computers, but Blue Coat researchers have discovered something even less common: mobile …
Featured news
Resources
Don't miss
- The overlooked risks of poor data hygiene in AI-driven organizations
- How to customize Safari for private browsing on iOS
- Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)
- Swap EOL Zyxel routers, upgrade Netgear ones!
- Crypto-stealing iOS, Android malware found on App Store, Google Play