7 Topics

Member Avatar for
Member Avatar for happygeek

So it seems that an Internet Explorer zero day vulnerability allowed the back door to be opened that resulted in the [URL="http://www.daniweb.com/news/story252590.html"]hack attack on Google[/URL] and many others that has received such publicity this week. According to [URL="http://siblog.mcafee.com/cto/operation-%E2%80%9Caurora%E2%80%9D-hit-google-others/"]McAfee[/URL] it has identified an Internet Explorer vulnerability as being one of the …

Member Avatar for Tcll
0
1K
Member Avatar for happygeek

Feedly app left attack window open for malicious JavaScript hackers according to one security researcher. Security consultant and blogger Jeremy S [revealed](http://breaktoprotect.blogspot.in/2014/04/feedly-android-application-zero-day.html) that the Feedly Android app, or at least the version prior to the update on March 17th 2014, had been subject to a zero-day JavaScript code injection vulnerability. …

0
358
Member Avatar for happygeek

Java vulnerabilities have hardly been out of the news during the last year. Here at DaniWeb we've covered a number of the stories as they surfaced: [Java in the cross-hairs: the security debate rolls on](http://www.daniweb.com/software-development/java/news/445532/java-in-the-cross-hairs-the-security-debate-rolls-on), [Is Java 7 still insecure? Oracle Patch doesn't fix underlying vulnerability](http://www.daniweb.com/software-development/java/threads/432479/is-java-7-still-insecure-oracle-patch-doesnt-fix-underlying-vulnerability), [Update my insecure Java …

Member Avatar for masijade
3
358
Member Avatar for happygeek

Microsoft has published an [advance notification](http://technet.microsoft.com/en-us/security/bulletin/ms13-jan) for vulnerabilities that will be patched in the January 2013 'Patch Tuesday' security bulletin due next week. However, anyone hoping for a permanent fix to deal with the Internet Explorer zero-day exploit that surfaced during the seasonal holiday period is going to be disappointed. …

Member Avatar for LastMitch
0
313
Member Avatar for happygeek

FireEye security researchers are warning that they have [detected a new zero-day vulnerability](http://blog.fireeye.com/research/2013/02/yaj0-yet-another-java-zero-day-2.html) that is being used successfully in the wild against browser clients with both Java 6u41 and Java 7u15 installed. Given that the Java 7 update was only released a couple of weeks ago, this is yet more …

Member Avatar for jwenting
3
1K
Member Avatar for happygeek

The good news is that security savvy Windows users will, more than likely, have already disabled the AutoRun and AutoPlay features. The bad news is that a new zero-day vulnerability could care less, and executes automatically anyway. [attach]15918[/attach]The zero-day vulnerability in question was first spotted by Sergey Ulase, a researcher …

0
243
Member Avatar for happygeek

Still using Adobe Acrobat or Adobe Reader? Maybe it is time to switch to something that's not glowing red on the bad guy radar, or which is more securely coded depending upon how you look at these things. Yes, Adobe has admitted that there is yet another possible zero-day vulnerability …

0
374

The End.