- Weekly Roundup
- By Eduard Kovacs
- March 3rd, 2013
Security Brief: China Retaliates Against Accusations, More Java Vulnerabilities
The main events of the week between February 25 - March 3
- Security Blog
- By Eduard Kovacs
- March 2nd, 2013
Bit9 Hack Connected to Latest Java Zero-Day Attacks
Both Symantec and FireEye experts agree that the malware and the C&C are the same
- Security
- By Eduard Kovacs
- March 1st, 2013
Zero-Day Affecting Java 6 U41 and Java 7 U15 Exploited in the Wild
FireEye researchers say the exploit is not very reliable
- Security Fixes and Improvements
- By Eduard Kovacs
- February 27th, 2013
Oracle Assigns Tracking Numbers to Java 7 Update 15 Issues, but Fails to Confirm Flaws
Security Explorations says it only takes 10 minutes to verify the exploit
- Security Blog
- By Eduard Kovacs
- February 26th, 2013
Zero-Day Vulnerability in Japanese Word Processor Ichitaro Exploited in the Wild
JustSystems has released a patch to address the flaw
- Security Fixes and Improvements
- By Eduard Kovacs
- February 25th, 2013
Vulnerability Affecting Java 7 Update 15 and Earlier Versions Identified
Security Explorations has discovered another sandbox bypass flaw
- Security Blog
- By Eduard Kovacs
- February 21st, 2013
Adobe Updates Reader X, XI and 9.5.3 to Address Zero-Day Vulnerabilities
Customers must install the updates immediately because the flaws are exploited in the wild
- Security Blog
- By Eduard Kovacs
- February 18th, 2013
Adobe to Patch Reader and Acrobat Zero-Day During the Week of February 18
In the meantime, customers are advised to enable Protected View
- Hacking News
- By Eduard Kovacs
- February 16th, 2013
Facebook Hacked in Sophisticated Attack, Java Zero-Day Used to Push Malware
Fortunately, there’s no evidence that user data has been compromised
- Security Blog
- By Eduard Kovacs
- February 14th, 2013
Adobe Advises Users to Enable Protect View Until Reader Zero-Day Is Fixed
The company provides instructions for regular customers and enterprises
- Security
- By Eduard Kovacs
- February 14th, 2013
The Use of Zero-Day Exploits by Governments Makes the Web Less Safe, Experts Say
State actors are paying impressive amounts of money to develop offensive capabilities
- Security Blog
- By Eduard Kovacs
- February 13th, 2013
New Adobe Reader Zero-Day Identified, Versions 9.5.3, 10.1.5 and 11.0.1 Affected
FireEye researchers are the ones who have discovered the new vulnerability
- Security Blog
- By Eduard Kovacs
- February 8th, 2013
Adobe Updates Flash Player 11.5 and 11.2 to Address 2 Zero-Day Vulnerabilities
A memory corruption and a buffer overflow plague the older versions on all platforms
- Security Fixes and Improvements
- By Eduard Kovacs
- February 5th, 2013
Adobe Fixes Reader Flaw, but It’s Uncertain If It’s the Zero-Day Found by Group IB
Adobe still hasn't received the proof-of-concept of the vulnerability
- Security Blog
- By Eduard Kovacs
- January 18th, 2013
Security Explorations Identifies Two Vulnerabilities in Java 7 Update 11
The security holes can be exploited for a complete sandbox bypass
- Security Blog
- By Eduard Kovacs
- January 16th, 2013
Java 7 Update 11 Zero-Day Exploit Sold for $5,000 on Underground Market
The exploit is not integrated into any known crime kits
- Virus alerts
- By Eduard Kovacs
- January 11th, 2013
Java 7 Zero-Day Exploit Used to Distribute Reveton Ransomware
The best way for users to protect themselves is to disable Java