Categories

Category Archives: Exploits

Fiesta exploit kit does the splits

We found a strange new pattern with the Fiesta exploit kit where we’re seeing a double payload where before only one was previously delivered.

YouTube stats tracker SocialBlade.com connected with malicious redirections that leads to Nuclear Pack exploit kit.

AskMen.com compromised again

Our honeypot captured an attack coming from AskMen.com in what appears to have been malicious code injected in their server.

A popular website recently suffered a malvertising attack. Malicious ads on legitimate websites are something we’re seeing a lot of these days.

Seldom do we hear of regular documents that actually have been exploited that can deceive many and sneak by your antivirus.

A new zero-day affecting Internet Explorer 6 to 11 on all Windows OS discovered. It’s also the first ‘official’ Zero-Day post Windows XP’s EOL.

Popular adult site beeg[dot]com pushes malware

Popular adult website serving up drive-by download and redirects to an exploit kit.

Adobe Flash Player Zero-Day: details and mitigation

A new vulnerability in Adobe’s Flash Player found.

A new zero-day discovered in Internet Explorer 10 and was used in targeted attacks.

Hard times on The Moscow Times

A reported malware alert for The Moscow Times turned out to be just that after the newspaper told readers to bypass the “fake warning”.

A Tumblr of trouble

Tumblr is a hot spot for malware infections, spam and other security issues. But this one disguises itself as a legitimate JavaScript.

Bug Bounties and the Price of Security

Digging for bugs and exploits for money? There are advantages as well as disadvantages to establishing a universal bug bounty program.

Malwarebytes finds an exploit in the Brazilian forum for TeamSpeak, a popular software among avid video game players.

Stuxnet: new light through old windows

A lesser known (and almost bypassed) version of Stuxnet shines new light on its attackers intentions and cyber arm capabilities.

Gmail Security Flaw Allows for Password Theft

A new vulnerability in Gmail allows for password theft of Google accounts.

An in-the-wild exploit targets Silverlight, a web plugin used by popular sites such as Netflix.

A lesser known aspect of the popular cloud storage Google Drive is its built-in site publishing feature that allows you to upload an entire directory containing static web files (HTML, JavaScript, CSS, etc.) and to publish your own website. Bad guys are uploading malicious scripts and using them as part of a well thought chain […]

[Update]: Microsoft has announced it will issue a patch for the newly discovered IE zero day tomorrow as part of the November Patch Tuesday. The vulnerability, now labeled CVE-2013-3918 affects an ActiveX control in Internet Explorer. More details can be found on Microsoft’s website. Last week we heard about a Windows zero day that allows attackers […]

PHP Hack Redirects To Magnitude Exploit Kit

Google’s Safe Browsing system deemed the official PHP website, PHP.net, malicious.

Lock – Unlock, Biometrics Failure

Signwave Unlock free by Battelle on the Leap Motion controller not quite ready from prime time yet.

1 2

Subscribe to our YouTube Channel