Flash 0-day exploited in watering hole attacks, Adobe provides patch
Adobe has pushed out new versions of Flash Player for Windows, Mac and Linux, as a newly discovered zero-day vulnerability affecting the software is being actively exploited …
IE 0-day exploit actively used in attacks against US-based firms
Late on Saturday, Microsoft has published a security advisory warning about “limited, targeted attacks” exploiting a newly discovered zero day vulnerability that …
0-day Microsoft Word flaw exploited in targeted attacks
Microsoft has issued a security advisory warning of a remote code execution vulnerability that is being exploited in “limited, targeted attacks directed at Microsoft …
Full Disclosure mailing list closure elicits mixed reactions
The Full Disclosure mailing list has long been the perfect place for security researchers to disclose and discuss newly found vulnerabilities. But John Cartwright, one of its …
Criminals rush to exploit IE 0-day before the announced fix
Last week Microsoft has announced that today’s Patch Tuesday will include a fix for the critical IE zero-day vulnerability that was found exploited in watering hole …
Microsoft testing EMET’s new protection mechanisms
Just as researchers made public their successful attempt of creating attack code for bypassing the protections of the latest version of Microsoft’s Enhanced Mitigation …
Adobe fixes Flash 0-day
Adobe released their second out-of-band update for Adobe Flash this month. APSB14-07 fixes three vulnerabilities in Adobe Flash, including CVE-2014-0502 which is being used in …
Microsoft issues Fix it for critical IE 0-day exploited in attacks
Microsoft has finally issued a security advisory addressing the IE zero-day that has been recently actively exploited in attacks in the wild, and has followed with a Fix it …
Two hacker groups used same IE 0-day exploit in recent attacks
The recently spotted watering hole attacks aimed at the visitors of the official website of the US Veterans of Foreign Wars and of a bogus website mimicking that of the French …
New detection system spots zero-day malware
A group of researchers has created a new infection detection system that can help Internet service providers and large enterprises – or anyone running large-scale …
IE 0-day used in watering hole attack tied to previous campaigns
An Internet Explorer zero-day vulnerability (CVE-2014-0322) is actively exploited in the wild in a watering-hole attack targeting visitors to the official website of the U.S. …
Windows, IE, Java are most vulnerable
When compared with the numbers from the previous year, 2013 has seen an increase in reported security vulnerabilities and, what’s more, the number of critical …
Featured news
Resources
Don't miss
- Back to basics webinar: The ecosystem of CIS Security best practices
- SonicWall firewalls targeted in ransomware attacks, possibly via zero-day
- AIBOMs are the new SBOMs: The missing link in AI risk management
- Average global data breach cost now $4.44 million
- Open-source password recovery utility Hashcat 7.0.0 released