Home / Security (page 4)

Security

The most acute and actual events in the industry of computer and network security

Microsoft paid Zero Day Initiative team $125,000 for found vulnerabilities in Internet Explorer

Microsoft Bounty Programs

The “Zero Day Initiative” (ZDI) team will donate the received money to the Texas A&M University, Concordia University and Khan Academy. Team Zero Day Initiative received an award of $125,000 in the program Microsoft Mitigation Bypass Bounty and BlueHat Bonus for Defense Program for found vulnerabilities in the browser Internet Explorer. Three team members Brian Gorenc, AbdulAziz Hariri and Simon Zuckerbraun …

Read More »

XSS zero day vulnerability in Microsoft Internet Explorer allows you to attack any sites

vulnerability in Microsoft Internet Explorer

Yesterday it became known about the appearance of a previously unknown zero day XSS vulnerability in Microsoft Internet Explorer. Using this error, the remote user can incorporate into the HTML-page arbitrary JavaScript-script to bypass the same-origin policy on almost any site. Researchers from deusen.co.uk, have placed PoC-exploit code which demonstrated the exploitation of vulnerability on the website of the first …

Read More »

Critical Zero Day Vulnerability Discovered in WordPress Fancybox Plugin

WordPress vulnerabilities

Sucuri’s security researchers discovered a number of websites (powered by CMS WordPress) with the injection of malicious iframe. According to reports in the blog of company Sucuri, local researchers have found safety zero-day vulnerability in a popular Fancybox plugin for the CMS WordPress. The total number of downloads Fancybox for all time is 550,000 times. The number of users of …

Read More »

CVE-2015-0313: Another Critical zero-day vulnerability in Adobe Flash Player

Adobe Flash Player zero-day vulnerability

Today, February 2, became aware of the appearance of third zero-day vulnerability (CVE-2015-0313) in Adobe Flash Player. Today, February 2, Adobe has released a security notice, which informs about the latest zero-day vulnerability in Adobe Flash Player. This is the third zero-day vulnerability in 2015 in a popular player. The vulnerability received identifier CVE-2015-0313, and the exploit to the vulnerability …

Read More »

CVE-2015-0235: Critical vulnerability in the GNU C library glibc

GHOST Critical vulnerability in Linux

Critical “Ghost” Remote Code Execution Vulnerability – a Linux vulnerability known as GHOST (CVE-2015-0235), discovered by researchers at cloud security company Qualys. A critical remote code execution vulnerability (buffer overflow) found in the GNU C library glibc affects all Linux systems and could lead to remote code execution with the privileges of the server. In the system library Glibc detected …

Read More »

GHOST glibc vulnerability Affects WordPress and other PHP-applications

GHOST glibc vulnerability

Using WordPress and other PHP-applications an attacker can compromise a system. Researchers warn that the popular content management system WordPress can be subjected to the GHOST critical vulnerability, found in the GNU C library (glibc). In addition to WordPress, a gap can affect the majority of PHP-applications and distributions of Linux-based systems. GHOST is a dangerous vulnerability (CVE-2015-0235), which discovered …

Read More »

Adobe has corrected the second zero-day vulnerability in Flash Player

Adobe Flash Player

[CVE-2015-0311] Flash Zero Day Remote Vulnerability: Successful exploitation of vulnerability (CVE-2015-0311) allows an attacker to gain control over a user’s PC. Adobe has released an updated version of the software for Flash, correcting second critical vulnerability (CVE-2015-0311). Exploitation flaw allows attackers to gain control over a user’s PC. Exposed to the threat – all versions of Flash to 16.0.0.287 (inclusive) for …

Read More »

Adobe has corrected one of the zero-day vulnerability in Flash Player

Adobe Flash Player zero-day vulnerability

The hole, that was discovered security researcher Kaffeine, will be corrected only in the next week. Adobe has released an urgent update for Flash Player, which corrects actively exploited zero-day vulnerability. The company’s specialists also reviews reports about the other hole, which is used in the attacks using a set of exploits “Angler Exploit Kit”. Note that the vulnerability discovered …

Read More »

RetinaX Studios: Assisting In Revealing The Truth

Retina-X Studios

Monitoring Software for Mobile Phones, Computers & Networks The age of information with its almost unlimited opportunities and myriads of sophisticated plagues is definitely a tough age to dwell in. Our brains process terabytes of information on a daily basis, and when its filters go out of order we are left to deal with a dilemma of whether to believe …

Read More »

Android Security: 5 Ways To Secure Your Android Phone

android security

5 Ways to Secure Your Android Phone The Android platform does not have to be inherently vulnerable to security issues, but it is a little more open than many others. For this reason, it’s very important that you take additional action to ensure that your phone is simplest secure. Without securing your phone, you may fall victim to the malware …

Read More »