|
Home / News / Tags / exploit
|
|
30
A new BootROM called iBoot-359.3.2 has been spotted in new iPhone 3GS units, according to MuscleNerd of the iPhone Dev Team. The BootROM is resistant to the 24kpwn exploit currently used to jailbreak the iPhone and iPod touch. Softpedia doesn’t condone jailbreaking. Via an iClarified report, a tipster provides... |
14 October 2009
10:11 GMT |
 |
|
Tavis Ormandy and Julien Tiennes, two security specialists from Google, reported last night (August 13th) that they had discovered a critical security vulnerability in all Linux kernels (2.4 and 2.6) since 2001, for all architectures. The CVE-2009-2692 vulnerability allows regular users to get root rights on the affe... |
14 August 2009
08:55 GMT |
|
|
It is nothing short of ironic that game password stealing malware is being associated with an exploit designed to target a vulnerability in DirectX. But Microsoft officially confirmed that malicious code designed to harvest account credentials for online games had been detected bundled with exploits targeting the Dir... |
26 June 2009
10:43 GMT |
|
|
Information on a new 0-day vulnerability affecting Microsoft server is available in the wild, the Redmond company has confirmed. The software giant has informed that it is investing public reports of a security hole in various versions of Internet Information Services (IIS). The Redmond company has published a prelim... |
19 May 2009
04:08 GMT |
|
|
As you all know, Canonical's popular Ubuntu Linux distribution ships with Transmission as the default BitTorrent client. One of the newest features of Transmission is a web-based interface, accessible from your Internet browser. And though there aren't many users interested in or aware of this alternative w... |
13 May 2009
07:01 GMT |
|
|
Microsoft has acknowledged officially that a Critical zero-day vulnerability affecting the PowerPoint component of various versions of the Office System is targeted by attacks in the wild. At this point in time there is no update designed to patch the security flaw that impacts Office PowerPoint 2000 Service Pack 3, ... |
3 April 2009
09:18 GMT |
|
|
Microsoft has squashed reports of a new zero-day Critical vulnerability affecting versions 9, 10, and 11 of Windows Media Player, which emerged ahead of Christmas. The Redmond company indeed confirmed that there was an issue that could lead to Windows Media Player crashing, however, it denied that it could be remotel... |
30 December 2008
06:08 GMT |
|
|
We've talked about the exploits related to mining and refining in EVE Online, the MMO created and maintained by Icelandic developers CCP. It seems that a bug, which can be traced back to 2004, was used by a select group of players to basically manufacture resources out of thin air. The resources were in turn eit... |
22 December 2008
17:11 GMT |
|
|
Expanding the concept of user protection beyond the traditional meaning associated with browser security, Microsoft warned that surfing adult content websites with Internet Explorer could expose users to attacks involving exploits of a yet unpatched vulnerability in all supported versions of IE, including IE8 Beta 2.... |
16 December 2008
07:48 GMT |
|
|
The exploit for a vulnerability affecting the Server Service on all supported versions of Windows has been included in a commercial malware kit, available for sale. MS08-067 is labeled with a maximum severity rating of Critical, and the security bulletin is designed to patch vulnerable Windows operating systems, whic... |
17 November 2008
14:51 GMT |
|
|
Bojan Zdrnja from the Internet Storm Center (ISC) warns that he has encountered malicious PDF files, which exploit the recently announced and patched JavaScript-based buffer overflow vulnerability in Adobe Reader and Acrobat 8.1.2 and older. The attack is based on proof of concept code that was released on exploit tr... |
8 November 2008
06:12 GMT |
|
|
A few days ago, the well known vulnerability tracking company Secunia released the results of a test aimed at comparing vulnerability exploit detection rates of Internet Security Suite-type products from several anti-virus vendors. The results were surprisingly disappointing, with a single product scoring a rate high... |
16 October 2008
09:13 GMT |
|
|
Microsoft has come out gunning for an exploit test performed by security outfit Secunia involving 12 Internet Security Suites among which Windows Live OneCare. The Redmond company labeled the results of the exploits targeting vulnerabilities test as misleading and confusing because Secunia focused exclusively on the ... |
16 October 2008
07:41 GMT |
|
|
A remotely exploitable buffer overflow vulnerability that can allow remote code execution has been identified in the latest version of mIRC (6.34). The vulnerability is not patched yet and users are advised to be cautious when connecting to IRC servers or opening irc:// links.Secunia released a security advisory rega... |
3 October 2008
10:55 GMT |
|
|
Researchers Jeremiah Grossman, founder of WhiteHat Security, and Robert “RSnake” Hansen, founder of SecTheory, announced that they would fully disclose their research and PoC exploits at the Hack In The Box (HITB) conference in Kuala Lumpur, 27-30 October. The researchers previously canceled the presentat... |
30 September 2008
06:22 GMT |
|
|
Soon after Apple updated QuickTime to version 7.5.5, a certain "Securfrog" published a code that can (allegedly) be used to crash any Web browser with the QuickTime plug-in. According to the person who found the flaw, a memory heap overflow can be created because of the way QuickTime handles long strings of data.&ldq... |
19 September 2008
03:38 GMT |
|
|
Microsoft released last week an advisory and a security update for a critical vulnerability in Media Encoder 9 ActiveX as part of their Patch Tuesday (September 9). Not long after this vulnerability became public knowledge, a PoC (Proof of Concept) exploit was posted on Milw0rm and attacks based on it started to be d... |
16 September 2008
06:36 GMT |
|
|
Security researcher Kevin Finisterre has released a working exploit for a vulnerability discovered in June in the CitectSCADA software used by many companies to control industrial machineries. This poses a threat for vital strategic facilities like power/water distribution plants or oil/gas refineries to name a few. ... |
10 September 2008
09:50 GMT |
|
|
Intel has issued BIOS security updates for several desktop and mobile motherboards. The updates address a flaw in the Q35 chipset that can be exploited in order to run rootkits within the System Management Mode (SMM). The affected motherboard models are DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, DX38BT and ... |
27 August 2008
18:00 GMT |
|
|
Websense Inc., a major company that offers web security filtering and solutions, has discovered that the DNS servers of China Netcom (CNC), one of the country's leading ISPs, are compromised. The servers suffer from poisoned DNS entries injection, resulting from exploitation of the flaw in the DNS system core, u... |
22 August 2008
06:49 GMT |
|
|
Microsoft's monthly release of security bulletins is bound to get a tad richer as far as the information provided to customers is concerned come October 2008. This will happen via the new Exploitability Index, introduced at the Black Hat USA 2008 conference on August 5, 2008. The new resource was spawned in acco... |
6 August 2008
09:10 GMT |
|
|
ActiveX controls are by now nothing short of traditional vectors of attack because of their intimate integration with Microsoft's software products. The latest illustrative examples in this context are the new attacks targeting a Critical vulnerability in the ActiveX control for Microsoft Access. The Redmond com... |
8 July 2008
05:42 GMT |
|
|
ZDNet is reporting that "the Google-backed StopBadware coalition has called on Apple to rethink its stance" on the Safari "carpet bomb" issue. Reported weeks ago by Nitesh Dhanjani, the flaw puts both Mac and Windows users at a serious security risk, according to voices on the Internet. Apple doesn't seem to be ... |
30 May 2008
03:59 GMT |
|
|
The Sunnyvale-based company Yahoo has just rolled out SearchScan, a technology developed with the help of McAfee, that provides protection from viruses, spyware and spam, usually delivered through malicious websites. Since some of these pages may be already indexed by Yahoo Search and returned to the user, SearchScan... |
6 May 2008
02:11 GMT |
|
|
Word on the web is that the exploit Charlie Miller used to "pwn and own" Apple's MacBook Air at CanSecWest last month had actually been acknowledged and publicly revealed almost a year before the contest.NetworkWorld is reporting that security researcher Chris Evans said in an email interview that he found the b... |
22 April 2008
06:31 GMT |
|
|
Following last month's CanSecWest conference which saw Apple's MacBook Air pwned and owned in less than two minutes, people have started talking. Apple's Macs are known for being secure, not because of the operating system's architecture, but because of hackers' lacking interest in the platfo... |
11 April 2008
05:05 GMT |
|
|
Well, this is a bit of a surprise. This year's 'PWN to Own' contest hosted at CanSecWest saw Apple's MacBook Air get PWNED in 2 minutes flat. Charlie Miller (famed iPhone hacker), Jake Honoroff and Mark Daniel of Independent Security Evaluators have successfully compromised the Apple MacBook Air, ... |
28 March 2008
05:51 GMT |
|
|
It is the second Tuesday of February and users of Microsoft's Office 2004 for Mac are getting a bit of a treat. Actually, considering the risk they've been exposed to so far, it's more of a life-saver, but we'll just leave it at that. The patch (.dmg file size: 12mb), available right HERE for imme... |
13 February 2008
13:11 GMT |
|
|
Microsoft's Internet Explorer is without a doubt the main vector of attacks, when it comes down to web-based threats. Its ubiquity, as well as its intimate integration into the Windows platform, makes it an excellent avenue for attacks. With IE6, Microsoft has gained an ill reputation for failing dramatically to... |
6 February 2008
07:38 GMT |
|
|
Hackers are always looking for vulnerabilities, no matter if we're talking about software glitches or weak security measures set up by the computer/network administrator. And if there's a vulnerability in your printer configuration, they exploit it too. Today's piece of news is about what security rese... |
14 January 2008
04:00 GMT |
|
|
Moving from vulnerabilities to patches and then to the ensuing exploits is a natural order of security evolution for Microsoft products. And the company's monthly patch cycle comes only to confirm this trend. In the aftermath of the security bulletins issued on October 9, 2007, exploits appeared targeting an ini... |
11 October 2007
03:42 GMT |
|
|
Cyber-crooks use all sorts of methods to steal one person's data or identity. They will go as far as pretending to be high-profile companies, in order to trick users. Now they pretend to be representatives of Visa and say that you have been enrolled in a program, then ask you for some data of course, it's ... |
25 September 2007
08:17 GMT |
|
|
This hasn't yet been confirmed but is looks like Microsoft has locked-out 23,000 XBLA users (for a certain given time), on the count of taking advantage of an exploit in Call of Duty 4 beta, which has now been resolved. According to Kotaku.com, the exploit enabled gamers to sign in on different machines, using t... |
6 September 2007
04:27 GMT |
|
|
You might already know this, Wells Fargo & Co. experienced some service problems that disabled ATMs and online accounts for their customers, as The Napa Valler Register informs us. This crash left people without access to their money for about 24 hours. You can read more about this matter by clicking on this here lin... |
22 August 2007
04:52 GMT |
|
|
Fable: The Lost Chapters is a remake of the 2004 Xbox RPG Fable, developed by Lionhead Studios and published by Microsoft Game Studios for Windows and Xbox in September 2005. The game is currently being ported to Mac OS X by Feral Interactive. This game acts as an extended version of the original Fable. It features ... |
30 July 2007
08:35 GMT |
|
|
A surprising piece of news up on PCWorld.com says something about a vulnerability coming from the Adobe Flash that could affect your Wii while browsing the Internet with Opera. Apparently, some Wii users have experienced freezing because of this exploit and it's not just the Wii getting kicked in the butt by thi... |
24 July 2007
06:41 GMT |
|
|
Along with hardcore pornography, and promises of images with the latest pop idols barely clothed, Microsoft Security Bulletins are next in line as the preferred incentives in Windows attacks. This because it all comes down to trust. And security updates released by Microsoft carry sufficient legitimacy to dispel any ... |
27 June 2007
07:10 GMT |
|
|
Might and Magic IX is a computer role-playing game developed for Microsoft Windows by New World Computing. It was the first installment of the Might and Magic series to feature a significant game engine overhaul since 1998's Might and Magic VI: The Mandate of Heaven. Powered by the Lithtech 1.5 engine, it was a... |
15 June 2007
06:51 GMT |
|
|
Yes, Microsoft's latest operating system will do that to users... There is a thin line between a hacker and a fanatical user, when it comes to Windows Vista. And nobody comes to prove this more than Rob Paveza, an independent security researcher, self-entitled Vista fan and the author of an exploit targeting the... |
28 May 2007
04:08 GMT |
|
|
Not a hacker? No problem! Not even technically skilled? Again no problem. "2007 Doc Binder" will do all the work for you! Exploiting vulnerabilities across Microsoft products has never been easier! According to Symantec, the number of samples for Trojan.Mdropper.X is through the roof. Usually, the case is that a malw... |
5 April 2007
05:38 GMT |
|
|
Exploits dead, Linux dead, pirated games 'deader'. Microsoft is patching up everything regarding their Xbox 360, so if you're a total gamer and can't rest until you play the newest titles, forget about your old console because you're probably going to get a new one. Microsoft's patching ... |
6 March 2007
09:44 GMT |
|
|
What seemed to be impossible, meaning hacking into an Xbox 360 and running "unnatural" apps on it, has recently proven not to be so impossible after all. Shader files from the King Kong game (Xbox 360 version of course) are practically the equivalent of the GTA LCS exploit that allowed hacking into the PSP system to ... |
5 March 2007
03:01 GMT |
|
|
|
|
