11-year-old VM escape bug opens host machines to compromise
CrowdStrike researchers have recently discovered a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms, which could be …
How can defenders gain advantage in the 0day market?
According to MIT, Harvard, and HackerOne researchers, the answer is not throwing more money at bug hunters, but incentivize them to find the the same vulnerabilities that the …
Adobe fixes Flash Player zero-day exploited in the wild
Adobe released a new version of Flash Player (17.0.0.169) for Windows and Macintosh, and for Linux (11.2.202.457). These security updates fix a host of critical …
Seagate acknowledges NAS 0-day, announces patch
After security researcher OJ Reeves publicly revealed the existence of a remote code execution zero-day flaw affecting Seagate’s Business Storage 2-Bay NAS line of …
0-day flaw in Seagate NAS devices endangers thousands
Seagate’s Business Storage 2-Bay NAS line of products, which is popular both with home and business users, sports a zero-day remote code execution vulnerability that can …
Equation Group: Cyber espionage, compromising HDD firmware, sophisticated malware
For several years, the Kaspersky Lab Global Research and Analysis Team (GReAT) has been monitoring more than 60 advanced threat actors responsible for cyber-attacks worldwide. …
Forbes.com compromised by Chinese cyber spies targeting US firms
Forbes.com – the 61st most popular website in the US according to Alexa – has been compromised to redirect certain visitors to websites delivering espionage …
Adobe patches latest Flash Player zero-day
Adobe has released Flash Player 16.0.0.305, a new version that fixes the latest zero-day flaw (CVE-2015-0313) that is currently exploited in mass malvertising campaigns. An …
Massive malvertising campaign leads to latest Flash Player zero-day exploit
It has been a tough beginning of the year for Adobe and a dangerous one for Adobe Flash Player users. The recently discovered zero-day vulnerability (CVE-2015-0313) affecting …
New Flash Player 0-day exploited in malvertising attacks
A new Adobe Flash Player zero-day flaw is being actively exploited in the wild via the Angler exploit kit, Trend Micro threat analyst Peter Pi has warned. The flaw …
Adobe updates Flash Player again, plugs 0-day exploited by Angler
Adobe made good on its promise to make available by this week a fix for the recently discovered critical zero-day Flash Player vulnerability (CVE-2015-0311) preyed on by the …
Google discloses three OS X 0-days
In the past few days, Google has released information about and proof-of-concept exploit code for three separate zero-day vulnerabilities affecting Apple’s OS X …
Featured news
Sponsored
Don't miss
- Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
- Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate
- Who owns customer identity?
- Enterprises face significant losses from mobile fraud
- Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation