Exploit detection service EdgeSpot says it has spotted several PDF documents that exploit a zero-day vulnerability in Chrome to collect information on users who open the files through Google’s web browser. EdgeSpot claims to have identified several samples in the wild. When one of the PDFs is opened with Chrome, a document […]
0day
8 posts
Last weekend a security researcher publicly disclosed a zero-day vulnerability in Windows 10, Windows 8.1 and Server editions after Microsoft failed to patch it in the past three months. The zero-day memory corruption flaw resides in the implementation of the SMB (server message block) network file sharing protocol that could […]
Everyone knows about the joint USA and Israeli malware called Stuxnet that was designed to put a halt to the Iranian nuclear program. According to the new Documentary film Zero Days http://www.imdb.com/title/tt5446858/ Stuxnet was really called Operation Olympic Games. This was from an Anonymous NSA employee that work in TAO, which […]
A zero-day vulnerability affecting the latest version of Adobe Flash Player and all previous ones is being actively exploited in limited, targeted attacks, the company has announced on Tuesday. The flaw (CVE-2016-4171) exists in Adobe Flash Player and 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS, and […]
Same origin violation and local file stealing via PDF reader Security researcher Cody Crews reported on a way to violate the same origin policy and inject script into a non-privileged part of the built-in PDF Viewer. This would allow an attacker to read and steal sensitive local files on the […]
Internet users should take renewed caution when using both Adobe Flash and Oracle’s Java software framework; over the weekend, three previously unknown critical vulnerabilities that could be used to surreptitiously install malware on end-user computers were revealed in Flash and Java. The Java vulnerability is significant because attackers are actively exploiting […]
Adobe Systems Inc. says its plans to issue a patch on Wednesday to fix a zero-day vulnerability in its Flash Player software that is reportedly being exploited in active attacks. The flaw was disclosed publicly over the weekend after hackers broke into and posted online hundreds of gigabytes of data from […]
Hacking Team documentation accompanying the Flash exploit said it targeted “the most beautiful Flash bug for the last four years,” according to a blog post published Wednesday by researchers from antivirus provider Trend Micro. The use-after-free flaw resides in a Flash Bytearray object. Researchers at competing AV company Symantec have […]