U.S. tech companies sharing bug info with U.S. govt before releasing fixes
A recent report by Bloomberg’s Michael Riley has revealed that a great many U.S.-based companies are voluntarily sharing sensitive information with the U.S. national …
New Android Trojan is complex as Windows malware
Mobile (and especially Android) malware is on the rise and according to researchers from Kaspersky Lab, its complexity is also increasing. Case in point: …
Google researcher publishes Windows 0-day exploit
Less than two weeks after Google researcher Tavis Ormandy released information about a new Windows zero-day vulnerability on the Full Disclosure mailing list and asked for …
Questioning Google’s disclosure timeline motivations
The presence of 0-day vulnerability exploitation is often a real and considerable threat to the Internet – particularly when very popular consumer-level software is the …
Google defines disclosure timeline for actively exploited bugs
The debate regarding responsible vulnerability disclosure and full vulnerability disclosure has been started many times in the past, and it’s an issue that will continue …
Google researcher reveals another Windows 0-day
Tavis Ormandy – the Google researcher known for discovering a slew of Windows, Java and Flash Player vulnerabilities and zero-days and his combative attitude regarding …
A look into the EC Council hack
Update: Wednesday, 22 May 2013 – Tal Be’ery: “We had analyzed a screenshot of what we had thought at the time the current EC council site hack. Later we had …
U.S. government tops list of malware buyers
While vocally and repeatedly tying all kinds of discovered cyber attacks to Chinese hackers, the U.S. has quietly been working on their own cyber offensive capabilities …
Microsoft releases Fix it for critical IE8 0-day
Microsoft has released a one-click Fix it for mitigating the effect of the IE 8 zero-day vulnerability that is being used in watering hole attacks in the wild. Given that a …
IE8 0-day used in watering hole attacks
Last week a U.S. Department of Labor website was discovered to be redirecting users to sites serving a hard-to-detect variant Poison Ivy backdoor Trojan. Researchers are now …
Dangerous beans: Oracle deep in the storm
Last week security researchers from FireEye discovered a new Java exploit that works against the latest versions of Java (version 6 update 41 and version 7 updated 15) making …
New Java 0-day exploited in ongoing attacks
FireEye has detected yet another Java zero-day vulnerability being exploited in attacks in the wild. Affected updates are Java v1.6 Update 41 and Java v1.7 Update 15 (released …