0-day Microsoft Word flaw exploited in targeted attacks
Microsoft has issued a security advisory warning of a remote code execution vulnerability that is being exploited in “limited, targeted attacks directed at Microsoft …
Gang wielding ColdFusion exploits expands botnet of hacked e-commerce sites
A German website of French automaker Citro?«n is the latest of the wide array of higher-profile webshop sites that have been compromised by a hacker gang leveraging Adobe …
Over 162,000 WordPress sites exploited in DDoS attack
DNS and NTP servers are not the only publicly accessible resources that can be misused to amplify DDoS attacks. Sucuri CTO Daniel Cid revealed details of a recent incident in …
Malware peddlers are trying out different exploit kits
Websense researchers have been following several recent email spam campaigns targeting users of popular services such as Skype and Evernote, and believe them to be initiated …
Microsoft EMET’s protections can be bypassed, researchers show
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a good piece of software and helpful for protecting non-kernel Microsoft applications and third-party …
Two hacker groups used same IE 0-day exploit in recent attacks
The recently spotted watering hole attacks aimed at the visitors of the official website of the US Veterans of Foreign Wars and of a bogus website mimicking that of the French …
70% Android devices vulnerable to released remote access exploit
The recent release of a Metasploit module that allows attackers to remotely access (“get shell”) on most Android-running devices has again raised a very good …
Bogus Evernote alert leads to exploit kit
Evernote users are being actively targeted with an email spam campaign that tries to trick them into following a malicious link. Sent from accounts@pcfa.co.in and titled …
Pwn2Own 2014: $150,000 for an “exploit unicorn”
There are a few new rules for this years’ edition of the Pwn2Own hacking contest and a huge new prize for an “Exploit Unicorn worthy of myth and legend” …
Hasbro’s website compromised, serves malware
The official website of well-known toy maker Hasbro has been compromised and found serving malware to unsuspecting visitors on a number of occasions during the last few weeks. …
$2.7 million await successful Pwnium 4 contestants
Google has, once again, called security researchers to participate in its annual Pwnium contest scheduled to be held at the CanSecWest security conference in Vancouver in …
Researcher demonstrates SCADA zero-day, shares PoC
An Italian researcher well known for his exploration of industrial control systems (ICS) has demonstrated the exploitation of a zero-day flaw that can crash or lead to a …
Featured news
Sponsored
Don't miss
- Applying DevSecOps principles to machine learning workloads
- Overcoming GenAI challenges in healthcare cybersecurity
- 25 cybersecurity AI stats you should know
- Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
- PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)