Two hacker groups used same IE 0-day exploit in recent attacks
The recently spotted watering hole attacks aimed at the visitors of the official website of the US Veterans of Foreign Wars and of a bogus website mimicking that of the French …
Internet Explorer
Removing admin rights mitigates 92% of critical Microsoft vulnerabilities
Avecto analyzed data from security bulletins issued by Microsoft throughout 2013 and concluded that 92% of all vulnerabilities reported by Microsoft with a critical severity …
IE 0-day used in watering hole attack tied to previous campaigns
An Internet Explorer zero-day vulnerability (CVE-2014-0322) is actively exploited in the wild in a watering-hole attack targeting visitors to the official website of the U.S. …
Microsoft patches critical vulnerabilities, secures IE
At first take, it looked like Microsoft would continue the 2014 trend of keeping patch Tuesday relatively light. There were only 5 advisories this month, two critical, three …
Popular Swedish news site latest link to fake AV infection
The website of popular Swedish tabloid Aftonbladet has been compromised to redirect visitors to a website sporting bogus infection warnings in order to trick them into buying …
Windows, IE, Java are most vulnerable
When compared with the numbers from the previous year, 2013 has seen an increase in reported security vulnerabilities and, what’s more, the number of critical …
IE flaw targeted in Aurora attacks still actively exploited
Regular software patching is often touted as one of the best things you can do to keep your computer safe against malware infection. Unfortunately, not all users follow that …
Configuring for security in a world of 0-days
Last month, Microsoft published two separate notices of 0-day vulnerabilities that were being used in the wild to attack Microsoft products. The first flaw is in a code …
Microsoft fixes 24 vulnerabilities
This Patch Tuesday features a solid 11 advisories affecting 6 different product types. All supported versions of Windows, Office, SharePoint, Exchange, Lync and a mixed bag of …
New IE 0-day actively exploited by Chinese attackers
After having discovered a new IE zero-day exploit being actively used in the wild, FireEye researchers have revealed that the watering hole attack is more than likely mounted …
Patched IE zero-day and older flaw exploited in ongoing targeted attacks
With this month’s Patch Tuesday, Microsoft has delivered the patch for the infamous Internet Explorer zero-day (CVE-2013-3893) that has been spotted being used in …
Microsoft exceedes 100 bulletins for 2013
It’s been an interesting month for the Microsoft Security watchers of the world. If your job depends on securing systems running Windows, you should be eagerly awaiting …