Spam campaign doubles on threats
Some malware peddlers might be moving on from using the Blackhole exploit kit to deliver malicious code, but others are still not ready to give up on it, as proven by a spam …
New IE 0-day actively exploited by Chinese attackers
After having discovered a new IE zero-day exploit being actively used in the wild, FireEye researchers have revealed that the watering hole attack is more than likely mounted …
Cryptolocker surge directly tied with Blackhole downfall
The recent emergence of Cryptolocker as one of the most widespread, visible and deadly threats is directly tied to the arrest of “Paunch”, the creator of the …
New Microsoft 0-day vulnerability under attack
Microsoft has released security advisory KB2896666 informing of a vulnerability (CVE-2013-3906) in the TIFF graphics format that is seeing limited attacks in the Middle East …
Triumfant detects and stops in-memory malware attacks
Advanced Volatile Threats are malware attacks that take place in a computer’s RAM or other volatile memory, and are difficult to detect because they are never stored to …
Solving the dilemma of vulnerability exploitation disclosure
The subject of software and hardware vulnerability disclosure has been debate time and time again, and most agree that, if possible, vulnerabilities should first be disclosed …
Patched IE zero-day and older flaw exploited in ongoing targeted attacks
With this month’s Patch Tuesday, Microsoft has delivered the patch for the infamous Internet Explorer zero-day (CVE-2013-3893) that has been spotted being used in …
Dangerous vBulletin exploit in the wild
vBulletin is a popular proprietary CMS that was recently reported to be vulnerable to an unspecified attack vector. vBulletin is currently positioned 4th in the list of …
Blackhole exploit kit creator arrested
It has been confirmed: the author of Blackhole, the most popular exploit kit out there, has been arrested by Russian authorities. The news that the malware creator that goes …
Latest IE 0-day still unpatched, attacks exploiting it go back three months
While Microsoft is yet to issue a patch for the latest Internet Explorer zero-day (CVE-2013-3893), reports are coming in that the flaw has been exploited more widely and for a …
Java exploits jump, Android malware emerges outside app stores
A continued rise in exploit-based attacks, particularly against Java, and an increasing sophistication in mobile threats characterized the first half of 2013, which saw its …
IE 0-day attack reports push ISC to raise official threat level
Over the weekend, FireEye researchers have managed to shed some light on the in-the-wild attacks leveraging the latest discovered Internet Explorer zero-day vulnerability …
Featured news
Resources
Don't miss
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)