Vulnerabilities


Botnets Targeting Full Spectrum of Servers

Web servers, FTP servers, and even SSL servers
are becoming prime targets for botnet operators, not as command and
control servers or as pure zombies, but more as a place to host their
malicious code and files, or in some cases to execute high-powered spam
runs. Read the full article. [Dark Reading]

Cisco Patches Critical WebEx Vulnerabilities

Cisco today released a security update with patches for a half-dozen serious security flaws in its WebEx Recording Format (WRF) Player.The vulnerabilites vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution, the company warned.  Read the full advisory [cisco.com]

Adobe to Patch Zero-Day Flaw on Jan 12

Here’s a quick update to the Adobe PDF Reader/Acrobat zero-day story that broke yesterday after the company confirmed that an unpatched vulnerabilities was being attacked in the wild.First up, an exploit has been fitted into the Metasploit point-and-click penetration testing tool and there are predictions that exploit code will be widely available within a day or two.


On Tuesday, clicking on the illustration on Google’s front page commemorating the 150th anniversary of the birth of Esperanto’s creator L. L. Zamenhof, generated an awful lot of malicious search results — taking visitors to dodgy advertisements or pages that tried to trick visitors into thinking their computers were infected and paying for fake antivirus software. Read the full article. [Computerworld]

The Mozilla developers have released version 3.5.6 of their open source Firefox web browser to address a total of seven vulnerabilities, three of them critical. Read the full article. [The H Security]

A SQL injection flaw has been discovered in Rockyou.com – a social networking application development website used by app developers for Bebo, Facebook and Myspace; The flaw could have allowed hackers access to the 32 million usernames and passwords. Read the full article. [eWEEK Europe]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.