Posts Tagged ‘zero-day vulnerabilities’

Hacking Team hackedHacking of a spy cyber security firm “The Hacking Team”: Most Interesting articles

Here we provide 10 the most interesting and informative articles related to major hacking of a spy cyber security firm “The Hacking Team”.

The Italian company, Hacking Team is among a handful of companies that offer surveillance tools to law enforcement around the world. The Italian company is well-known for its controversial operations, helping governments and various intelligence agencies spy on citizens.

Hacking Team says its tools enable investigators to obtain information even if targets encrypt their communications to protect them.

5th July 2015, this Italian cyber security firm has itself become the victim of a hacking attack. (more…)

Hurricane PandaCrowdStrike Discovers Use of 64-bit Zero-Day Privilege Escalation Exploit (CVE-2014-4113) by Hurricane Panda

Initially, a sample of the virus was detected on a machine running 64-bit Windows Server 2008 R2.

A highly organized hacker group Hurricane Panda, located, apparently in China and attacking companies with a large infrastructure, uses in their attacks the exploit to zero-day vulnerabilities in the products of Microsoft. The duration of the attack was more than 5 months. According to researchers at CrowdStrike, the first detected attack, was produced in the spring of this year. (more…)


Microsoft Security Bulletin

Eight security bulletins contain patches for 24 vulnerabilities, including three critical.

On the Tuesday, October 14, Microsoft has released scheduled security updates, for its products. Unlike the past couple of releases, this release is complete, correcting just three zero-day vulnerabilities.

Eight security bulletins contain patches for 24 flaws in Windows, Internet Explorer, Office and .Net framework. Three of them are critical, so administrators need to test and install the update immediately. Note that one bulletin fixes several vulnerabilities. (more…)

Java DangerLess than in a day after the Oracle developers corrected a dangerous gap in Java allowing far off to compromise target system on the basis of Windows OS, at underground Internet forums started sales of exploit for the next vulnerability of zero day in this platform.

According KrebsOnSecurity, one of the administrators of the hacker’s resource, whose name was not disclosed, posted a message that he is willing to sell the source code for the two immediately exploit zero-day vulnerabilities in Java. With this software should get to the first two customers for $ 5K

The report also noted that these gaps appear in Java 7 Update 11 and have not yet been included in any hacking tools offered by the network. According to the newspaper, the first sale was made shortly after the publication of the advertisement. (more…)