Latest Java zero-day exploit renews calls to disable it
Oracle contributes to the problem by not working more closely with the security industry on Java defenses, one security expert said
Oracle contributes to the problem by not working more closely with the security industry on Java defenses, one security expert said
When Adobe last week issued an <a href="https://www.adobe.com/support/security/advisories/apsa11-04.html">advisory</a> about a dangerous <a href="http://www.networkworld.com/news/2011/120611-hackers-exploit-adobe-reader-zero-day-253810.html">zero-day attack</a> based on an unpatched Adobe Reader vulnerability that was being exploited in the wild to try and seize control of both PCs and Macs, it credited Lockheed Martin for sounding the alarm about it.
Zero-day exploits are nerve-racking for IT professionals but are far less dangerous than unpatched older vulnerabilities for which fixes are available, Microsoft says.
Identity thieves are offering a person's credit-card number, date of birth and other sensitive information for as little as US$14 over the internet, says a new report on online threats released this week.
A bug hunter who had promised to disclose one zero-day bug in Oracle databases every day for a whole week in December has abruptly canceled his plans to do so.
It’s air-points with a difference — the Zero Day Initiative (ZDI) is a 3Com TippingPoint programme that pays security researchers for finding unpublished vulnerabilities and reporting them to TippingPoint.
Attackers are exploiting the zero-day VML vulnerability on Windows-based machines by targeting a separate hole in cpanel, an application that’s popular with web hosting services.
The risk of zero-day exploits is increasing as cyber-criminals become more sophisticated and better organised, says Robert Pregnell, Symantec’s Asia Pacific regional product marketing manager for endpoint security and compliance solutions.
Bob Bales and Roger Thompson hit it big with their last venture, antispyware company PestPatrol. Now the two have launched a new company. Their target: drive by downloads and zero day exploits, like the recent Windows Meta File (WMF).