Microsoft patches two more 0-days actively used by attackers
With this month’s Patch Tuesday, Microsoft has provided patches for several critical vulnerabilities that allow remote code execution, some of which have been or are …
Russian espionage group used Windows 0-day to target NATO, EU
In today’s Patch Tuesday, Microsoft will be releasing a wide variety of patches, and among them will be one for a zero-day vulnerability that has been used in a …
Flawed reused code opens zero-day in Cyanogenmod
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with …
CIA’s venture firm CISO offers singular solutions for cyber problems
In a eclectic keynote delivered to the Black Hat conference audience, Dan Geer, CISO at In-Q-Tel, made known his thoughts on and ideas about a number of things: from Internet …
Symantec issues update fixing Endpoint Protection zero-day
Symantec has issued updates for its Endpoint Protection solution that fix the zero-day escalation of privilege vulnerability recently discovered by Offensive Security …
0-days found in Symantec Endpoint Protection
While testing of the systems and networks of a financial services company, a team of penetration testers from Offensive Security have unearthed a number of vulnerabilities, …
Internet Explorer vulnerabilities increase 100%
Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more …
Critical de-anonymization 0-days found in Tails
Tails, the security-focused Debian-based Linux distribution favoured by Edward Snowden, journalists and privacy-minded users around the world, sports a number of critical …
vBulletin vulnerable to SQL injection
A Romanian hacking community has discovered and responsibly reported a critical SQL injection vulnerability found in the latest version (5.1.2) of the popular web forum …
Google goes to war against zero-days
Google has announced the launch of Project Zero, a dedicated internal team that will concentrate on finding zero-day vulnerabilities in Google’s and third-party software …
Researchers share details about recent IE 0-day exploit and its delivery
Given that Microsoft has closed the Internet Explorer 0-day vulnerability that was exploited to compromise US-based defense and financial firms, the Sourcefire vulnerability …
Microsoft updates IE against latest 0-day, updates also XP
Microsoft has issued an out of band security update to patch the zero day vulnerability that affects all versions of Internet Explorer and is being actively exploited in the …