Experts at Symantec discovered that hackers quickly take advantage of CVE-2015-8562 remote code execution to compromise Joomla servers. Joomla recently patched the CVE-2015-8562 vulnerability that could be exploited by attackers for remote code execution. According to the security expert Daniel Cid from Sucuri, hundreds of attacks are now taking place. âWhat is very concerning is that this […]
The websites based on the popular Joomla CMS need to be updated as soon as possible due to a critical remote code execution vulnerability. The websites based on the popular Joomla CMS need to be updated as soon as possible, Joomla has just released a security patch to fix a critical eight-year-old remote code execution vulnerability. […]
The Director of the Tor Project Roger Dingledine has accused the FBI of commissioning to the Carnegie Mellon boffins a study on methods to de-anonymize Tor users. The experts at the Tor Project have collected more information about the attack launched last year by Carnegie Mellon researchers on the popular anonymizing system. The Director of the […]
Rumors on the Internet says that the hackers who breached vBulletin forum website exploited a zero-day flaw, the company issued emergency security patches. On Sunday, the vBulletin official website has been hacked, according to DataBreaches.net, vBulletin, Foxit Software forums have been hacked by Coldzer0 that has stolen hundreds of thousands of usersâ records. The hacker published screenshots […]
A team of hackers has received a million-dollar payout for disclosing a iOS zero-day vulnerability that could allow an attacker to remotely hack any Phone. Bad news for the Apple users, a team of hackers have received a million-dollar payout for disclosing an iOS zero-day vulnerability that could allow an attacker to remotely hack any Phone […]
How much cost a zero-day for an industrial control system? Where is to possible to buy them and who are the main buyers of these commodities? We have discussed several times about the importance of zero-day in cyber attacks against computer systems, the exploitation of previously unknown vulnerabilities is a prerogative of well-funded hacking groups such as state-sponsored crews. […]
The Pawn Storm APT group set up rogue VPN and SFTP servers to target Dutch Safety Board employees involved in the MH17 crash investigation. July 17, 2014, Flight MH17, traveling from Amsterdam to Kuala Lumpur, was shot down by a missile in mysterious circumstances. Flight MH17 was flying over a conflict zone in eastern Ukraine […]
Despite both Microsoft and Adobe releasing patches on Tuesday (10/13/2015), a critical Flash zero-day flaw remains unpatched in Adobeâs latest update. Despite both Microsoft and Adobe releasing critical patches on Tuesday (10/13/2015), a critical zero-day vulnerability remains unpatched in Adobeâs latest update. As per Adobe APSA15-05, this vulnerability (CVE-2015-7645) remains unpatched is actively being exploited in-the-wild. Adobe plans […]
Researchers at Trend Micro discovered a new Adobe Flash Zero-Day used in Pawn Storm Campaign Targeting Foreign Affairs Ministries across the world. Once again Flash in the headlines, beware next emergency Flash Player update is critical for everybody as explained by the experts at Trend Micro. The researchers at the security firm explained that the update […]
The NSA SHARKSEER Program is a project that aims to detect and mitigate web-based malware Zero-Day and Advanced Persistent Threats using COTS technology. Every day, thousands of cyber attack rely on exploitation of zero-day exploits, even more sophisticated ATP groups trigger unknown vulnerabilities to compromise systems across the world. Intelligence agencies and research groups are investing […]