Latest Exploit Stories

Michael Harper for redOrbit.com – Your Universe Online A zero-day flaw has been found in Microsoft’s Internet Explorer 8 (IE8), a four year old version of their popular web browser. Security experts and Microsoft alike have pointed out this flaw which has been found to be used by Chinese hackers to target US nuclear researchers in watering-hole attacks. According to security experts at Invincea, the Department of Labor (DoL) was compromised on May 1 to redirect visitors to a website...

Michael Harper for redOrbit.com – Your Universe Online Almost as if on schedule, it’s been discovered yet another Java zero-day exploit is being used to attack computers. This exploit not only follows an extensive line of exploits just like it, it also follows a month riddled with a number of high-profile attacks against Twitter accounts and popular tech companies. If you haven't yet done so, this new attack should act as another reminder to completely disable Java from your...

Michael Harper for redOrbit.com – Your Universe Online Not even 24 hours after Oracle released a fix for the latest in a string of Java exploits, cyber criminals are already reportedly selling a completely different zero-day Java exploit. The most recent fix for Java 7 was meant to patch a security hole that had become so well known, exploits were being packaged and sold in cybercrime “toolkits.” According to Krebs on Security, one cyber criminal in the “Underweb” is selling...

redOrbit Staff & Wire Reports – Your Universse Online A vulnerability in Java that hackers have been exploiting to infect computers with malware will be patched in the near future, the company that developed the software has announced. According to Jim Finkle of Reuters, Redwood City, California-based Oracle Corporation released a statement late Friday night that said a fix for the exploit would be “available shortly.” That announcement came one day after the US Department of...

redOrbit Staff & Wire Reports - Your Universe Online Samsung Smart TVs connected to the Internet are vulnerable to exploits by remote hackers, security researchers said on Wednesday. Luigi Auriemma, a researcher with Malta-based security firm ReVuln, uncovered the vulnerability, which exists in most Samsung models but particularly the Samsung TV LED 3D. The flaw makes it easy for hackers to locate the television’s IP address on the Internet, which can then be used to remotely...

redOrbit Staff & Wire Reports – Your Universe Online The group which unleashed the Hydraq or Aurora Trojan horse against Google and 34 other companies in 2009 has also been linked to attacks that have compromised systems at defense contractors, human rights organizations, and other groups, according to one computer security firm. In a report released on Friday, Symantec officials revealed that they had been monitoring the group's activities and discovered that they had used "a...

Michael Harper for redOrbit.com – Your Universe Online Earlier this week, a zero-day flaw vulnerability in Java was discovered, making both Mac and Windows machines vulnerable to drive-by attacks as they surfed the web. When it was first discovered, this flaw was being used to attack a Chinese web server and not much else. Many members of the hacking and security community got a hold of this Java exploit, however, making its use increasingly widespread. Not long after, the exploit was...

UPDATED: Firefox was not compromised in last year’s contest, as confirmed in this blog post. Many thanks to the Mozilla Team for bring this to our attention. ------------- At the 2011 CanSecWest Pwn2Own hacker contest, Google Chrome was the one of the browsers that challengers could not break into. Fast forward to the 2012 challenge, and Chrome was the first to fall, thanks to a team of French hackers who found a previously unknown vulnerability in the software. VUPEN, a...

Security Industry Leader Releases New Version of Retina Vulnerability Scanner with Exploit Identification and Right-click Metasploit Integration Phoenix, AZ (PRWEB) July 11, 2011 eEye Digital Security, a provider of IT security and unified vulnerability management solutions, today announced that the latest release of its Retina Network Security Scanner, as well as the corresponding free version of the product, Retina Community, will both now include exploit identification and right-click...

Just hours after a hacking toolkit published an exploit for a computer bug, Microsoft confirmed an unpatched vulnerability in its Windows browser that could pick it up, but did say a patch for the bug was under construction for its next update. Microsoft said Tuesday that it would not issue an emergency update for the bug, however. The patch will not be available until January 11. "Microsoft already has an outstanding zero-day in IE, a WMI active X control bug that Secunia issued a warning...