18 News Story Topics

Remove Filter
Member Avatar for
Member Avatar for happygeek

Earlier this month, security outfit FireEye’s 'FireEye as a Service' researchers out in Singapore [discovered and reported](https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html) on a phishing campaign that was found to be exploiting a zero-day in Adobe Flash Player vulnerability (CVE-2015-3113). That campaign has been well and truly active for a while now, with attacking emails …

Member Avatar for diafol
2
511
Member Avatar for happygeek

So it seems that an Internet Explorer zero day vulnerability allowed the back door to be opened that resulted in the [URL="http://www.daniweb.com/news/story252590.html"]hack attack on Google[/URL] and many others that has received such publicity this week. According to [URL="http://siblog.mcafee.com/cto/operation-%E2%80%9Caurora%E2%80%9D-hit-google-others/"]McAfee[/URL] it has identified an Internet Explorer vulnerability as being one of the …

Member Avatar for Tcll
0
1K
Member Avatar for happygeek

Reports are coming in thick and fast about 'state-sponsored' zero-day exploits hitting business websites in the UK. The latest, disclosed yesterday by [SophosLabs](http://nakedsecurity.sophos.com/2012/06/20/aeronautical-state-sponsored-exploit/), involves an as yet unnamed European aeronautical parts supplier and follows on from another the day before involving a European medical company site. In both cases the …

Member Avatar for jwenting
1
524
Member Avatar for happygeek

Last week saw the discovery of YAJE: Yet Another Java Exploit. Sadly, Java vulnerabilities are neither new nor uncommon and the bad guys are quick to exploit them in the wild. Some claim that Oracle is in too much of a rush to extricate itself from this unholy mess and …

Member Avatar for gyno
3
555
Member Avatar for happygeek

If you are a user of Adobe Flash, be sure to apply the latest security update if you want to avoid becoming part of an in-the-wild attack exploiting a vulnerability which currently seems to be exploiting users of Internet Explorer on the Windows platform only. Adobe has, however, issued an …

Member Avatar for happygeek
0
706
Member Avatar for PCBrown

[ATTACH=RIGHT]16747[/ATTACH]Sony’s impenetrable fortress, a.k.a, the PlayStation 3, has been compromised. OzModChips.com just announced their version of a “jailbreak” for the PS3. What they claim to have is a plug-and-play modchip in the form of a USB stick. When plugged into the PS3, it allows an impressive amount of access into …

Member Avatar for rajesh langeh
2
509
Member Avatar for happygeek

Many of the biggest forum-based online communities, including DaniWeb, are powered by vBulletin software. So it came as something of a shock when the BBC reported that a [URL="http://www.bbc.co.uk/news/technology-10714192"]vBulletin security flaw means that any hacker could "easily access the main administrator username and password for a site"[/URL]. But is the …

Member Avatar for Bruce100
1
597
Member Avatar for happygeek

The good news is that security savvy Windows users will, more than likely, have already disabled the AutoRun and AutoPlay features. The bad news is that a new zero-day vulnerability could care less, and executes automatically anyway. [attach]15918[/attach]The zero-day vulnerability in question was first spotted by Sergey Ulase, a researcher …

0
243
Member Avatar for happygeek

File under FAIL: social network widget maker RockYou has fallen victim to a SQL injection flaw and as a result some 32.6 million users are being urged to change their passwords as a matter of urgency. Security specialists Imperva discovered the problem at social networking development site Rockyou.com and issued …

Member Avatar for Alex_
1
825
Member Avatar for happygeek

I just had a Jaws moment. You know, you think it is safe to go back in the water and then a bloody great shark bites your legs off. Except in this case you can replace the sea with the Internet and the shark with the [URL="http://www.daniweb.com/blogs/entry4339.html"]equally dangerous Gumblar[/URL]. According …

0
407
Member Avatar for happygeek

Over the weekend news broke that a worm had started infecting Jailbroken iPhones in Australia. Nobody really took the exploit too seriously as all the 'ikee worm' did was change the phone wallpaper to a picture of 80's pop singer Rick Astley in a kind of warped tribute to the …

Member Avatar for kurtharriger
2
2K
Member Avatar for happygeek

Odd isn't it, how Microsoft kicked up a fuss when Google announced the Chrome plugin for Internet Explorer on the grounds that it could make the browser more insecure. Indeed, it went as far as to suggest that it doubled the potential surface area for malware and scripted attacks. Yet, …

Member Avatar for fossrules
1
717
Member Avatar for happygeek

[URL="http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"]Multiple arbitrary code execution vulnerabilities in Ruby[/URL] have been revealed by the [URL="http://www.apple.com/support/security/"]Apple Product Security[/URL] team which could lead to Denial of Service attacks. A total of five vulnerabilities have been reported, with versions impacted being: [INDENT]1.8.4 and all prior versions 1.8.5-p230 and all prior versions 1.8.6-p229 and all prior …

1
241
Member Avatar for happygeek

[URL="http://www.itpro.co.uk/news/187851/apple-iphone-vulnerable-through-safari.html"]According to IT Pro[/URL] the Apple iPhone is vulnerable to Denial of Service attacks. These can occur when an iPhone user opens a JavaScript containing HTML page which triggers the vulnerability. An application Denial of Service attack can then crash the Safari browser on the phone, and quite possibly the …

Member Avatar for kumaran83
0
573
Member Avatar for happygeek

Computerworld is [URL="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9071638&source=rss_news6"]reporting the possibility[/URL] of a worm or bot in the wild that is specifically targeting D-Link branded routers. It refers to a three year old vulnerability which Symantec security researchers believe is being exploited by a new exploit. Apparently, the Symantec security response team has seen an increase …

0
368
Member Avatar for newsguy

According to [URL="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9070840&intsrc=hm_list"]reports[/URL] it would appear that Microsoft has confirmed the presence of a critical vulnerability which impacts upon users of MS Word for Windows 2000, XP and Server 2003 SP1. Shame it has taken many weeks for Microsoft to admit this, and only after a second security vendor recently …

0
221
Member Avatar for happygeek

[URL="http://www.kaspersky.com/"]Kaspersky Lab[/URL] has released its latest Malware Evolution [URL="http://www.viruslist.com/en/analysis?pubid=204791907"]report[/URL], covering the period between June and September 2006 and, as usual, it makes for interesting reading. Alexander Gostev, Senior Virus Analyst, Kaspersky Lab comments that the first six months of 2006 was “notable for the complexity of the technologies which antivirus …

Member Avatar for Anthea_123
0
317
Member Avatar for happygeek

Microsoft has issued an [URL="http://www.microsoft.com/technet/security/advisory/927709.mspx"]advisory [/URL]warning about a Visual Studio 2005 vulnerability in the WMI Object Broker ActiveX control, part of WmiScriptUtils.dll which could allow remote arbitrary code execution. The WMI Object Broker ActiveX control will circumvent the ActiveX security model, because it is marked as being ‘safe for scripting’ …

0
289

The End.