Tag Archives: exploit

Evernote hack results in forced password change

Evernote is a really cool app. I use it heavily in conjunction with David Allen’s “Getting Things Done” system to organize my day and achieve my goals. I also use it for more mundane tasks such as grocery lists. I use it on my PC, my iPad, and my Android phone – it syncs up […]

Apple also a victim of targeted malware attack

Apple revealed today that they were targeted by the same malware attack leveled against Facebook on February 1st. The earlier comments by Facebook hinted at a working group of high-value targets and Apple now appears to be among them. The attack took advantage of a previously unknown Java zero-day exploit to infect the engineers’ computers […]

Adobe has scheduled an update for last week’s Acrobat zero-day

Adobe announced in a blog post that they will issue updates for version XI, X, and 9 to close the zero-day hole revealed last week. The patch will be released for Windows, Linux, and Macintosh operating systems. All users are advised to install the patch as soon as it becomes available. Thom Infotech encourages Adobe […]

Facebook is apparent victim of a Java zero-day attack

Facebook has confirmed that they were a victim of a targeted attack that leveraged a previously unknown Java vulnerability. The zero-day exploit was used to infect the laptops of several engineers with malware that apparently was used to attempt a full-scale infiltration of the inner sanctum of Facebook. Facebook reported that all of the infected […]

New Adobe Acrobat Zero-Day Reported

Researchers from the respected malware research firm FireEye today reported a zero-day flaw that is actively being exploited in the wild. They reportedly observed successful exploitation of the latest Adobe PDF Reader 9.5.3, 10.1.5, and 11.0.1. It is assumed that earlier versions are also vulnerable though this has not been confirmed. In the words of […]

Adobe issues two Flash zero-day patches

Today, a Security Bulletin (APSB13-04) has been posted to address security issues in Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.261 and earlier versions for Linux, Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and […]

Oracle releases emergency patches for Java

Oracle has released a sizable number of patches for Java to address 50 vulnerabilities affecting both the browser versions as well as the server. The “Critical Patch Update February 2013” (CPU) for Java had been scheduled for February 19th, but due to one of the vulnerabilities being exploited in the wild, the company brought the […]

UPnP to be the next mega-exploit?

The Department of Homeland Security urged computer users on Tuesday to disable a common networking technology feature, after researchers warned that hackers could exploit flaws to gain access to tens of millions of vulnerable devices. The U.S. government’s Computer Emergency Readiness Team, on its website, advised consumers and businesses to disable a feature known as […]

Seriously… not another Java zero-day attack?

I’m not kidding. Heck, I might even be wrong. But it appears as though the administrator of a hacker forum has sold weaponized and full source code versions of the new zero-day exploit. There are reasons for doubt, however. According to Brian Krebs, the exploit was purportedly limited in its sale to only two buyers […]

Why did I get a virus?!

For crying out loud… How did this happen? You’re just surfing along, minding your own business and BAM – some bogus-looking thing pops up claiming you have 300 infected files and you need to pay $70 to get your computer cleaned. Or, like my elderly neighbor over the past weekend, you get a scary full-screen […]