Exploits

Microsoft patches 18 Internet Explorer vulnerabilities, closes an actively exploited hole in Office

Microsoft patches 18 Internet Explorer vulnerabilities, closes an actively exploited hole in Office

By

Adobe joined Microsoft with a patch of its own for Flash Player.

Down go Chrome, Firefox, IE 10, Java, Win 8 at Pwn2Own hacker fest

Down go Chrome, Firefox, IE 10, Java, Win 8 at Pwn2Own hacker fest

Despite the best efforts by browser and operating system manufacturers to shore up their offerings, exploit hunters are still finding success at attacking the world's best-known platforms - especially when there is a large chunk of change on the line.

Skype dispatches swift fix for password reset flaw

By

First divulged in a Russian online community, a Skype password reset vulnerability could have given attackers the ability to run amuck in users' Skype accounts.

Adobe Reader exploit fetching up to $50k in underground

By

Adobe is awaiting more details on the reported flaw, which is able to work around Reader's sandbox protections to execute malicious code -- a capability that is making the exploit worth big bucks on the black market.

As a Java zero-day spreads, disclosure questions arise

By

As expected, exploits taking advantage of gaping holes in Java now are growing in prominence -- and the big question is: When will Oracle patch the issue?

The hypocrisy of the zero-day exploit trade

By

In the high-priced market of exploit sales, developers resist government regulations -- but are more than happy when one wants to open its coffers to them.

Microsoft, Adobe issue security updates for more than 50 bugs

By

Microsoft plugged 26 vulnerabilities, and Adobe shored up 26 of its own as part of a monster Patch Tuesday. Each company is grappling with an active exploit as well.

Despite patch, exploits against new Java bug picking up

Detection rates for exploits against the vulnerability (CVE-2012-1723) are now overtaking attacks abusing a previous widely attacked Java bug (CVE-2012-0507), which was used to spread the widespread Flashback trojan that targeted Mac users.

Black Hat: Most Java malware exploits "type confusion" vulnerability

By

A researcher investigated Java exploits, and drew on one well-know example, to explain how one of the most common classes of attack spreads.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US