A vulnerability has been discovered in Microsoft’s web browser, Internet Explorer, which could allow an attacker to take complete control of an affected system. Exploitation may occur if a user visits or is redirected to a web page which is specifically crafted to take advantage of the vulnerability. Successful exploitation of this vulnerability could result… Continue Reading
April 23, 2013 – A vulnerability has been discovered in Oracle Java Runtime Environment (JRE) that can lead to remote code execution. The Java Runtime Environment is used to enhance the user experience when visiting websites and is installed on most desktops and servers. This vulnerability may be exploited if a user visits or is… Continue Reading
OVERVIEW: Multiple security updates have been released for Adobe Flash Player and Adobe AIR. Adobe Flash Player and Adobe AIR are widely distributed multimedia and application players used to enhance the user experience when visiting web pages or reading email messages. Adobe Flash Player is prone to seventeen vulnerabilities that could allow for remote code… Continue Reading
April 3, 2013 – Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, and SeaMonkey applications, which could allow for remote code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Thunderbird is an email client. Mozilla SeaMonkey is a cross platform Internet suite of tools ranging from a web browser… Continue Reading
Multiple vulnerabilities have been discovered in Adobe Flash Player that could allow an attacker to take control of the affected system. Adobe Flash Player is a multimedia application for multiple platforms. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user,… Continue Reading
A vulnerability has been discovered in Mozilla Firefox, Thunderbird, and SeaMonkey applications, which could allow remote code execution. Successful exploitation of these vulnerabilities could result in either an attacker gaining the same privileges as the logged on user, or gaining session authentication credentials. Depending on the privileges associated with the user, an attacker could install… Continue Reading
Multiple vulnerabilities in Google Chrome could allow remote code execution, the bypass of security restrictions, or cause denial-of-service conditions. Google Chrome is a web browser used to access the Internet. Some of the vulnerabilities can likely be exploited if a user visits, or is redirected to a specially crafted web page. Successful exploitation of these… Continue Reading
The most recent versions, including Java 6u41 and 7u15, are vulnerable (again). This vulnerability is being actively exploited in the wild and the exploit installs a remote access trojan and then connects over HTTP to a command & control server. No patch has been released yet. Please disable Java when you are not using it… Continue Reading
Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash (SWF) content. The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target the Firefox browser for Windows, Macintosh, and Linux. … Continue Reading
The website NBC.com and other NBC websites were hacked and compromised by malware for a few hours around Thursday 12pm PST with RedKit malware. MS-ISAC received reports and independently confirmed that the website www.nbc.com contains a malicious iframe which includes links to the following URLs: flying-gators-mac[.]com/mtnk.htm finesseindia[.]com/mtnk.htm toplineops[.]com/mtnk.html nikweinstein[.]com/cl/google.php moi-npovye-sploett[.]com/qqqq/1.php walterjeffers[.]com symptomshighbloodpressure[.]org store.thermosolutionsinternational[.]com/ctuk.html Please note… Continue Reading