Google Chrome sandbox apparently cracked
French security firm VUPEN has announced that its researchers have managed manufacture an exploit able to bypass Google Chrome’s sandbox, ASLR and DEP. It is precisely …
RTF exploit hiding in bin Laden death-themed email
Osama bin Laden’s death is sure to be milked for all it’s worth by online spammers and scammers, and the latest instance of this also seems to be the latest …
Popular web stores vulnerable to “free shopping” exploits
A recently published paper titled “How to Shop for Free Online” presents the depressing results of a security analysis of some of the most popular online stores, …
Spam about the Jasmine Revolution leads to malware
By the end of 2010, the total number of Chinese Internet users reached 457 million. That means that even if scammers and hackers concentrate exclusively on that particular …
Spotify has been displaying malicious ads
Streaming music service Spotify has been displaying malicious ads to users of their Free version. The ads lead to websites that used the Blackhole Exploit Kit to infect users …
Highly targeted attacks exploiting Windows MHTML vulnerability
A recent surge in attacks against a variety of sites that exploit a MHTML XSS vulnerability publicly disclosed in January – and which still hasn’t been patched by …
Pwn2Own: iPhone and Blackberry hacked
On the second day of the Pwn2Own contest held at the CanSecWest conference, iPhone and Blackberry devices have been successfully exploited, while the scheduled Android and …
Free, open source exploit kit offered online
Among the various exploit kits for sale out there it seems there is one that aspiring cyber crooks can use for free. Researchers from M86 have stumbled upon it by chance, and …
Two BBC sites serving malware via injected iFrame
A piece of malware detected by only 21 percent of the anti-virus solutions used by VirusTotal is currently being pushed onto unsuspecting visitors of the BBC 6 Music and BBC …
Complex Trojans and next generation malware is on the way
While e-mail users may have noticed a significant drop in spam in recent months, cybercriminals are gaining ground with creative new phishing methods and making exploit kits …
Google offers Pwn2Own contestants $20,000 for Chrome exploit
As during the previous four years, this year’s edition of the CanSecWest conference will welcome security researchers bent on trying to exploit vulnerabilities in …
Serious jump in new vulnerabilities exploitation
On a typical month, exploit activity falls between 30 percent and 40 percent, according to Fortinet. Half of new vulnerabilities rated as “critical” were targeted …