Solving the dilemma of vulnerability exploitation disclosure
The subject of software and hardware vulnerability disclosure has been debate time and time again, and most agree that, if possible, vulnerabilities should first be disclosed …
Patched IE zero-day and older flaw exploited in ongoing targeted attacks
With this month’s Patch Tuesday, Microsoft has delivered the patch for the infamous Internet Explorer zero-day (CVE-2013-3893) that has been spotted being used in …
Dangerous vBulletin exploit in the wild
vBulletin is a popular proprietary CMS that was recently reported to be vulnerable to an unspecified attack vector. vBulletin is currently positioned 4th in the list of …
Blackhole exploit kit creator arrested
It has been confirmed: the author of Blackhole, the most popular exploit kit out there, has been arrested by Russian authorities. The news that the malware creator that goes …
Latest IE 0-day still unpatched, attacks exploiting it go back three months
While Microsoft is yet to issue a patch for the latest Internet Explorer zero-day (CVE-2013-3893), reports are coming in that the flaw has been exploited more widely and for a …
Java exploits jump, Android malware emerges outside app stores
A continued rise in exploit-based attacks, particularly against Java, and an increasing sophistication in mobile threats characterized the first half of 2013, which saw its …
IE 0-day attack reports push ISC to raise official threat level
Over the weekend, FireEye researchers have managed to shed some light on the in-the-wild attacks leveraging the latest discovered Internet Explorer zero-day vulnerability …
Microsoft issued Fix it for actively exploited IE 0-day
Microsoft has yesterday unexpectedly released a security advisory warning users about instances of active exploitation of a vulnerability found in all supported versions of …
Attacks targeting unsupported Java 6 are on the rise
As predicted at the end of 2012 and proved by the ever expanding use of exploit kits, vulnerabilities in popular and widespread software such as Java and Adobe’s Acrobat …
Shielding targeted applications
When we discuss exploit prevention, we often talk about “targeted applications.’ This term refers to end-user applications which can be exploited by hackers for …
Where RFI attacks fall in the security threat landscape
New research from Incapsula yielded a few interesting facts about RFI attacks. The data for the report was collected by monitoring billions of web sessions over a 6-month …
Joomla exploit doing rounds, users advised to update
Users who run their sites own sites and use the Joomla CMS but haven’t updated it in a while should do so immediately if they don’t want to see their sites …
Featured news
Sponsored
Don't miss
- Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
- PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
- GISEC Global 2024 video walkthrough
- GenAI can enhance security awareness training
- The relationship between cybersecurity and work tech innovation