Here are the exploit kits to watch for over the next three to six months.
Tag Archives: Vulnerabilities
‘High Risk’ Zero Day Leaves 200,000 Magento Merchants Vulnerable
A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.
Microsoft Patches Three Vulnerabilities Under Attack
Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan.
Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop
Adobe patched 59 vulnerabilities across five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App on Tuesday.
Microsoft Patches Word Zero-Day Spreading Dridex Malware
A Microsoft Word zero-day vulnerability is being used to spread the Dridex banking Trojan in attacks that have bypassed mitigation efforts.
Chrome Security Team Tackles ‘Friendly Fire’ To Keep Browser Safe
Justin Schuh, lead engineer of Chrome Security, said ensuring browser security for Chrome users is a balancing act juggling OEM pressures, questionable certificate authorities and quashing third-party software incompatibility issues.
Android Variant of Notorious Pegasus Spyware Found
Researchers say a variant of the notorious surveillance software called Pegasus has been targeting Android users allowing third parties to take screenshots, capture audio, read email and exfiltrate data from targeted phones.
New RAT Targets Koreans And Is Skilled At Evading Detection
Cisco Talos researchers spot a stealthy new remote administration tool calling ROKRAT that targets Korean-language Microsoft Word alternative Hangul Word Processor.
Security Analyst Summit 2017 Day One Recap
Mike Mimoso and Chris Brook recap the first day of this year’s Security Analyst Summit, including Mark Dowd’s memory corruption bug keynote, the digital archeology around Moonlight Maze, ATM hacking, and the Lazarus APT.
Fake SEO Plugin Used In WordPress Malware Attacks
Malware that passes itself off as a WordPress SEO plugin has been infecting sites and opening a backdoor for hackers on thousands of sites.