also @ TechSpot: Adobe Creative Cloud apps now available; Photoshop CC includes new features

TechSpot News

exploit articles


Google will make critical security exploits known after a week

Google will make critical security exploits known after a week
  • Posted May 30, 2013, 11:30 AM by Dave LeClair | Filed in The Web, IT Security
  • Google and its team of security researchers are known for catching some of the biggest security exploits in other companies' products. Normally, the period for revealing a flaw to the general public is 60 days, which gives the affected company…

Blizzard implements fix for gold duplication bug in Diablo III

Blizzard implements fix for gold duplication bug in Diablo III
  • Posted May 8, 2013, 8:00 PM by Shawn Knight | Filed in Gaming
  • Diablo III’s woes continue as the gold and real-money auction houses have been taken offline by Blizzard after a bug was discovered in the latest patch. Said exploit allowed players to duplicate gold in the auction house with some using…

Spotify patches web player exploit that allowed free MP3 downloads

Spotify patches web player exploit that allowed free MP3 downloads
  • Posted May 8, 2013, 4:00 PM by Shawn Knight | Filed in IT Security
  • Spotify recently patched an exploit that allowed Chrome users to download any of the company’s 20 million songs free and clear. By using a browser extension called Downloadify, subscribers were able to take advantage of an exploit (or simple lack…

Adobe issues emergency Flash update, warns of active exploits on Windows and OS X

Adobe issues emergency Flash update, warns of active exploits on Windows and OS X
  • Posted February 8, 2013, 2:30 PM by Jose Vilches | Filed in IT Security, Software Breaking News
  • Adobe has released a patch for two Flash player vulnerabilities that are being actively exploited against Windows and OS X users to install malware on their systems. The first of them, CVE-2013-0633, works by tricking Windows users into opening a…

New zero-day Java exploit selling in online forum for $5,000

New zero-day Java exploit selling in online forum for $5,000
  • Posted January 16, 2013, 1:00 PM by Jose Vilches | Filed in IT Security, Industry News
  • Earlier this week Oracle rushed out a fix for a critical bug in Java that was reportedly being widely exploited by malicious sites to remotely execute code on a victim’s machine. Well, it only took one day after the patch…

Microsoft to fix critical Internet Explorer vulnerability today

Microsoft to fix critical Internet Explorer vulnerability today
  • Posted January 14, 2013, 12:00 PM by Shawn Knight | Filed in Software, Microsoft
  • Microsoft will be releasing an out-of band patch later today to fix a critical zero-day flaw affecting Internet Explorer versions 6,7 and 8. The vulnerability allows hackers to execute code remotely in the event that a user visits an infected website.

New zero-day vulnerability in Java being widely exploited (Updated)

New zero-day vulnerability in Java being widely exploited (Updated)
  • Posted January 14, 2013, 1:54 AM by Jose Vilches | Filed in IT Security
  • Three days after a critical Java vulnarability was widely reported, Oracle has issued an update to shut down the potential exploit and secure browsers using Java. You can update to Java SE 7u11 to secure your PC (or disable Java altogether). The security hole made browsers vulnerable to remote exploits when visiting a malicious website.

Exploit bypasses Adobe Reader's sandbox, being sold for $30-50k

Exploit bypasses Adobe Reader
  • Posted November 8, 2012, 6:00 PM by Matthew DeCarlo | Filed in IT Security, The Web With Video
  • Russian security firm Group-IB has found a zero-day flaw in Adobe Reader that bypasses the program's sandbox protection. Currently available on the black market for $30,000 to $50,000, the exploit allows attackers to sidestep the application's "Protected Mode," which was…

Security researchers discover vulnerability in Steam URL protocol

Security researchers discover vulnerability in Steam URL protocol
  • Posted October 18, 2012, 12:30 PM by Shawn Knight | Filed in IT Security, Gaming With Video
  • Security researchers from ReVuln have discovered a zero-day vulnerability in Valve’s Steam browser protocol. The exploit can allow an attacker to remotely exploit bugs in the Steam client or directly in games which can ultimately be used to run malicious…

Hackers use exploit to massacre entire cities in World of Warcraft

Hackers use exploit to massacre entire cities in World of Warcraft
  • Posted October 8, 2012, 1:00 PM by Shawn Knight | Filed in Gaming
  • An exploit in World of Warcraft recently enabled a group of hackers to wreak havoc on large cities across a number of servers. The hackers were able to massacre entire cities unimpeded for nearly four hours, killing all players and…

Researcher uncovers new Java exploit, 1 billion Macs and PCs at risk

Researcher uncovers new Java exploit, 1 billion Macs and PCs at risk
  • Posted September 26, 2012, 1:30 PM by Shawn Knight | Filed in IT Security, Software
  • Security researcher Adam Gowdiak has uncovered a new zero-day vulnerability in Oracle’s Java software. The bug is said to be present in currently-supported versions including Java 5, Java 6 and Java 7 and has the potential to allow attackers to…

Mozilla warns Firefox users to disable Java over zero-day exploit

Mozilla warns Firefox users to disable Java over zero-day exploit
  • Posted August 30, 2012, 1:00 PM by Lee Kaelin | Filed in IT Security, The Web
  • Mozilla has warned Firefox users to disable Oracle's Java software framework plugin after researchers discovered that cybercriminals are actively exploiting yet another zero-day vulnerability in the cross-platform software. Atif Mushtaq, a security researcher for FireEye, first discovered...

Google announces Pwnium 2, $2m in rewards for Chrome hacks

Google announces Pwnium 2, $2m in rewards for Chrome hacks
  • Posted August 17, 2012, 10:33 AM by Jose Vilches | Filed in IT Security, Software
  • Google has announced it will host a second Pwnium hacking competition this October after withdrawing support for TippingPoint's annual Pwn2Own back in February. The event will take place at the Hack In The Box security conference in Malaysia.  This time…

Microsoft urges Windows Vista, 7 users to disable desktop gadgets

Microsoft urges Windows Vista, 7 users to disable desktop gadgets
  • Posted July 11, 2012, 1:30 PM by Matthew DeCarlo | Filed in Microsoft, IT Security
  • In a security advisory Tuesday, Microsoft urged Windows Vista and 7 users to download a tool that disables the operating system's sidebar and gadgets. The company warned that insecure gadgets could be used to run arbitrary code on a computer...

Internet Explorer zero-day flaw being used to target Gmail accounts

Internet Explorer zero-day flaw being used to target Gmail accounts
  • Posted June 14, 2012, 9:30 AM by Shawn Knight | Filed in IT Security
  • A new zero-day exploit in Internet Explorer making the rounds has security experts from Microsoft and Google on their heels. The drive-by flaw is being used to gain access to Gmail accounts and remains unpatched as of writing, although Microsoft…

Max Payne 3 multiplayer cheaters forced to play with each other

Max Payne 3 multiplayer cheaters forced to play with each other
  • Posted June 13, 2012, 3:30 PM by Matthew DeCarlo | Filed in Gaming
  • Given the complexity of modern games, they inevitably ship with glitches and vulnerabilities. Such is the case with Max Payne 3, which has a problem with multiplayer cheaters using invincibility hacks, infinite adrenaline exploits and more. Although most people are honest...

Exploit allows command prompt to launch at Windows 7 login screen

Exploit allows command prompt to launch at Windows 7 login screen
  • Posted May 29, 2012, 9:30 AM by Shawn Knight | Filed in IT Security, Microsoft
  • An unpatched exploit in Windows 7, Windows Server 2008 R2 and Windows 8 Consumer Preview allows a user to launch an elevated command prompt by manipulating the sticky keys function. The hack requires very little knowledge and can be exploited…

F-Secure provides free Flashback removal tool for Mac users

F-Secure provides free Flashback removal tool for Mac users
  • Posted April 12, 2012, 9:30 AM by Lee Kaelin | Filed in Apple, Industry News
  • F-Secure has come to the aid of Apple Mac owners infected with the Flashback malware, announcing a free removal script for OS X. At its peak on April 6, an estimated 600,000 systems running OS X were said to be infected.

Google wants hackers to hammer on Chrome for $1 million

Google wants hackers to hammer on Chrome for $1 million
  • Posted February 28, 2012, 6:30 PM by Matthew DeCarlo | Filed in IT Security, Software
  • Google has withdrawn support for TippingPoint's annual Pwn2Own hacking competition following rule changes. Previously, entrants were required to reveal all the details about exploits used to compromise security. That stipulation no longer exists and folks are allowed to enter 2012's…

Hackers exploit zero day vulnerability in Adobe Reader and Acrobat

Hackers exploit zero day vulnerability in Adobe Reader and Acrobat
  • Posted December 7, 2011, 9:30 AM by Lee Kaelin | Filed in IT Security
  • Adobe confirmed yesterday that its Adobe Reader software contains a zero-day vulnerability, crediting the security team at Lockheed Martin, which itself was a victim of an attack through the exploit, and members of the Defense Security Information Exchange for discovering…

Apple developer booted after revealing iPhone exploit

Apple developer booted after revealing iPhone exploit
  • Posted November 8, 2011, 9:30 AM by Lee Kaelin | Filed in Apple, IT Security With Video
  • Security researcher Charlie Miller has been kicked out of Apple's developer program after he revealed details of a security flaw in their iOS operating system. Miller announced the news on his Twitter account yesterday afternoon, saying, "OMG, Apple just kicked me…

1the archive »

TechSpot on:

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.