WorldWar-E™

A just-published attack tactic that bypasses the security protections of most current antivirus software is a “very serious” problem, an executive at one unaffected company said.
Last week, researchers at Matousec.com outlined how attackers could exploit the kernel driver hooks that most security software use to reroute Windows system calls through their software to check for [...] Read more »

Posted on May 23rd, 2010 under Consumer Cyber Alert, Exploits & Hacks, Security News, Windows. Tags: crack, Exploit, Security Threat, Software Vulnerabilities, Vulnerability. Comments: None

A section of the Web site for China’s state-run Xinhua news agency was found to be distributing malware last month, according to a Google malware scanning service that is still labeling the site as potentially harmful.
The “news center” section of the Xinhua’s Web site, which displays a feed of the agency’s stories, was found to [...] Read more »

Posted on May 16th, 2010 under Security News. Tags: Attackers, Exploit, Government Watchdog, Hackers, Malicious Code, Security, Xinhua News Agency. Comments: None

Mozilla patched more than one vulnerability in Firefox when it updated the browser to version 3.6.2 on Monday, the company confirmed today.
A total of 10 flaws were fixed in Firefox 3.6.2, according to Mozilla’s security advisory page, but details of others have been withheld until the company updates the older Firefox 3.0 and Firefox 3.5 [...] Read more »

Posted on April 20th, 2010 under Attacks, Browsers, Exploits & Hacks. Tags: Bug Tracking, Bugs, Bugzilla, Computer Security, Critical Vulnerability, Exploit, Firefox Flaws, Mozilla, Vulnerabilities. Comments: None

Browser vendors have been put on alert this week as security researchers at the Pwn2own competition at the CanSecWest conference in Vancouver successfully exploited Microsoft Internet Explorer 8, Safari, and Firefox. On the mobile side, an iPhone was shown to be exploitable, too.
The Pwn2own event tests fully patched versions of software for vulnerabilities and then [...] Read more »

Posted on April 2nd, 2010 under Browsers, Exploits & Hacks, Hacking & Cracking, iPod/iPhone. Tags: Browser Vendors, Code Execution, Contest Organizers, Data Execution Prevention, Exploit, Exploits, Firefox, Hackers, Internet Explorer 8, Internet Safari, Iphone, Prevention Mechanism, Program Flow, Pwn2Own, Security Protections, Shellcode, Vulnerabilities. Comments: None

Microsoft said on Friday it is testing a patch to fix a new hole in Internet Explorer 6 and IE 7 following the release of exploit code on the Internet.
With the announcement it seems increasingly likely that the company will be issuing a patch for the hole before the next Patch Tuesday in about four [...] Read more »

Posted on March 22nd, 2010 under Browsers, Exploits & Hacks, News From The Cyber Front, Security Alerts, Security News. Tags: Attacker, Customer Needs, Exploit, IE, Ie 7, Internet Explorer, Microsoft Security Response Center, Moshe, Security Advisory, Security Response Center, Speculation, Vulnerability, Windows Server. Comments: None

A freelance security consultant in China wrote the exploit code targeting Internet Explorer 6 that was used in the attacks on Google and others, according to a published report.
The unidentified programmer had posted pieces of the exploit to a hacking forum, and Chinese officials had “special access” to his work, the Financial Times reported on [...] Read more »

Posted on February 28th, 2010 under Attacks, China, Cyber Politics, Cyber Terrorism, Cyber War, Cyber War Insights, Cyberwar Stories, Exploits & Hacks, Internet Monitoring. Tags: Chinese Officials, Chinese Programmer, Cyber Attack, Exploit, Google, Hacking Forum, Researcher, Ties, Vulnerability. Comments: None

US investigators are hot on the trail of an enigmatic Chinese hacker who allegedly developed the “critical” programming code used to attack Google and other western companies.
According to the Financial Times, positive identification of the accused hacker would make it “far harder” for the Chinese government to deny its involvement in the recent cyber offensive.
“A [...] Read more »

Posted on February 28th, 2010 under China, Cyber Terrorism, News From The Cyber Front. Tags: Chinese Government, Chinese Hacker, Chinese Officials, Exploit, Google, Hot On The Trail, Programming Code, Security Hole, Track Hacker. Comments: None

In April 2008, Microsoft released Security Advisory 951306 to alert users of a vulnerability in Microsoft Windows. This vulnerability may allow local users, or users who can legitimately run code in the context of IIS or SQL Server, to operate with elevated privileges. Recently, Microsoft Security Response Center (MSRC) posted several blog entries indicating that [...] Read more »

Posted on October 29th, 2008 under Security Alerts, U.S. Cert Activity. Tags: April, Exploit, Microsoft, Microsoft Security Response Center, Microsoft Updates, Microsoft Windows, Msrc, Privileges, Rest Of The Story, Security Advisory, Security Response Center, Vulnerability. Comments: None