Update your Flash Player if you don’t want ransomware
“It didn’t take long for exploit kit authors to incorporate an exploit for the recently discovered zero-day Adobe Flash vulnerability (CVE-2015-3113) into their …
Deadly Windows, Reader font bugs can lead to full system compromise
“Even in 2015 – the era of high-quality mitigations and security mechanisms – one good bug still suffices for a complete system compromise,” Mateusz …
Flash Player 0-day exploited in the wild, patch immediately!
Adobe has released an emergency patch for its notoriously buggy Flash Player software because attackers are actively exploiting a critical vulnerability that can lead to total …
Critical RubyGems vulns can lead to installation of malicious apps
A serious vulnerability in RubyGems, a package manager for the Ruby programming language, can be exploited to trick end users into installing malware from attacker-controlled …
Unpatched OS X, iOS flaws allow password, token theft from keychain, apps
Six researchers from Indiana University Bloomington, Peking University and Georgia Tech have recently published a paper in which they detail the existence of critical security …
Newly patched Flash Player bug exploited to deliver crypto ransomware
“It took less than a week for a functional exploit for a recently patched Adobe Flash Player vulnerability to be added to the Magnitude exploit kit, Trend Micro …
Future attacks: Hiding exploit code in images
Successfully hiding messages in images has already been done, but is it possible to deliver an exploit in one – and run it? Saumil Shah, founder and CEO of Net-Square, …
Malvertising infected millions of users in 2015
“New research from Malwarebytes has found that malvertising is one of the primary infection vectors used to reach millions of consumers this year. The analysis looked at …
Massive campaign uses router exploit kit to change routers’ DNS servers
Well-known security researcher Kafeine has spotted an active campaign aimed at compromising SOHO routers and changing their DNS settings so that the attackers can seamlessly …
Address spoofing Safari bug opens door for phishing attacks
Hacker David Leo has released a PoC exploit for a Safari vulnerability that can be misused to trick users into thinking they are on one site while they are actually on another …
Year-old flaw in popular WordPress plugin still actively exploited
Sucuri Security researchers have discovered yet another malicious campaign redirecting users to sites hosting exploits. As per usual, the attackers are mostly leveraging …
New AlphaCrypt ransomware delivered via Angler EK
“Yet another type of ransomware has been detected by malware researchers. Dubbed AlphaCrypt, it appropriates the look of TeslaCrypt, but operates similarly to Cryptowall …
Featured news
Sponsored
Don't miss
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints