Experts urge system administrators to patch the Ghost vulnerability in glibc immediately, but counter that as well that exploiting the bug may be challenging.
Browsing Category: Hacks
The Flash zero day that made its way into the Angler exploit kit was wrapped in multiple layers of obfuscation and has the ability to inject its malicious payload straight into users’ browsers. In the last week, since the news broke of the Adobe Flash zero-day flaw appearing in the Angler kit, security researchers have[…]
Kaspersky Lab has found shared code and functionality between the Regin malware platform and a keylogger described in recently disclosed Snowden documents.
UPDATE–Adobe has released an emergency update for Flash to address a zero-day vulnerability that is being actively exploited. The company also is looking into reports of exploits for a separate Flash bug not fixed in the new release, which is being used in attacks by the Angler exploit kit. The vulnerability that Adobe patched Thursday is[…]
A researcher has developed a bypass for Microsoft’s latest memory corruption mitigations in Internet Explorer, Heap Isolation and Delay Free.
Oracle’s January 2015 Critical Patch update includes a fix for a backdoor found in the Oracle E-Business Suite by researcher David Litchfield. The patch is among 169 released in the CPU.
A device that Progressive sends out to customers to give them a better rate by may be doing more than keeping track of their driving, the devices may be insecure and used to take control of vehicles.
Police in the UK, working in cooperation with the FBI, arrested an 18-year-old man Friday in connection with recent DDoS attacks on the PlayStation Network and Xbox Live services. The authorities arrested the unnamed man in Southport, and he is being held on suspicion of computer crime and unauthorized access to computer material. UK officials[…]
Vague language in the White House’s proposed amendments to the CFAA leave the door open to a chilling effect on legitimate security research.
The Skeleton Key malware bypasses single-factor authentication on Active Directory domain controllers and paves the way to stealthy cyberespionage.