Exploit broker offers $1 million for reliable iOS 9 exploit
Here’s a treat for hackers and security researchers who don’t mind selling information about zero-day vulnerabilities to the highest bidder: Zerodium, the zero-day …
Zero-day bugs in Kaspersky and FireEye products found, exploits disclosed
A slew of vulnerabilities – some already patched and some still not – have been revealed to affect several security offerings by some of the most trusted names in …
Security flaws could allow attackers to steal over 100 different cars
Since 2012, a trio of European researchers knew that the Megamos Crypto transponder – used in a over 100 cars manufactured by Audi, Ferrari, Fiat, Cadillac, Volkswagen …
Microsoft issues emergency patch for IE flaw exploited in the wild
Microsoft has pushed out an emergency out-of-band Internet Explorer update, which fixes a critical memory corruption vulnerability (CVE-2015-2502) that is being actively …
Researcher releases exploit for OS X 0-day that gives root access
Italian security researcher Luca Todesco has published PoC exploit code for a newly discovered zero-day privilege escalation flaw affecting OS X Yosemite (v10.10) and …
BitTorrent clients can be made to participate in high-volume DoS attacks
A group of researchers have discovered a new type of DoS attack that can be pulled off by a single attacker exploiting weaknesses in the BitTorrent protocol family.The …
Google plugs Google Admin app sandbox bypass 0-day
After having had some trouble with fixing a sandbox bypass vulnerability in the Google Admin Android app, the Google Security team has finally released on Friday an update …
Researchers hack Corvette via SMS to plugged-in tracking dongle
A team of researchers from the University of California, San Diego, have managed to hack a Corvette via specially crafted SMS messages sent to a tracking dongle (i.e. a …
Angler EK exploits recently patched IE bug to deliver ransomware
“If they haven’t already, Internet Explorer users would do well to implement the security update provided by Microsoft last month, as among the fixed vulnerability …
Zero-day disclosure-to-weaponization period cut in half
There’s no doubt about it: the batch of stolen information leaked in the wake of the Hacking Team breach was a boon for exploit kit developers.Not only did it contain a …
Malvertisers abused Yahoos ad network for days
“A large-scale malvertising attack abusing Yahoos ad network has been hitting visitors of the Internet giant’s many popular and heavy-traffic sites for nearly a …
Hackers actively exploiting OS X zero-day to root machines, deliver adware
“Attackers are actively exploiting a zero-day privilege escalation vulnerability affecting the latest version of Apple’s OS. The bug’s existence has been …