Complex Trojans and next generation malware is on the way
While e-mail users may have noticed a significant drop in spam in recent months, cybercriminals are gaining ground with creative new phishing methods and making exploit kits …
Google offers Pwn2Own contestants $20,000 for Chrome exploit
As during the previous four years, this year’s edition of the CanSecWest conference will welcome security researchers bent on trying to exploit vulnerabilities in …
Serious jump in new vulnerabilities exploitation
On a typical month, exploit activity falls between 30 percent and 40 percent, according to Fortinet. Half of new vulnerabilities rated as “critical” were targeted …
New malware strains wreaking havoc on Facebook
PandaLabs announced the discovery of security exploits via popular social media sites Facebook and Twitter. In the last several days, two new malware strains have been …
Exploit code for critical MS Office flaw exploit found in the wild
A critical vulnerability in the way Microsoft Office handles RTF which can allow an attacker to remotely execute arbitrary code on the victim’s computer has been by …
Adobe PDF format riddled with exploitable features
Adobe’s PDF format and standard has been known for a while now to be easily exploitable and, thus, rather insecure. In the past, attackers have taken advantage not only …
GSM cracking is all about knowledge, not money
Since the cracking of GSM encryption back in December 2009 by encryption expert Karsten Nohl, the cost of setting up an operation that includes sniffing out the calls made by …
Fake iTunes e-mail leads to drive-by download
E-mails purportedly coming from iTunes and bearing “iTunes account may be suspended” in the subject line have been hitting inboxes in the last few days. …
Week in review: Online shopping safety, malware hybrids and Packet Wars
Here’s an overview of some of last week’s most interesting news, articles and reviews: Google Apps Script API flaw allowed attacker to impersonate Google Details …
Windows 0-day circumvents UAC
Windows zero-day vulnerabilities are lately getting discovered too often for Microsoft’s – and users’ – liking. Unfortunately for all of us, details of …
Exploit code for still unpatched 0-day used by Stuxnet released
After Stuxnet hit, it was discovered that it took advantage of four previously unknown Windows zero-day vulnerabilities to spread and compromise targeted systems. Three of …
Latest IE 0-day exploit finds its way into Eleonore toolkit
Microsoft will likely be forced to issue an out-of-band-patch for the zero-day vulnerability affecting Internet Explorer that has been discovered being exploited in the wild …