Sign up for a new account or log in here:
TechSpot News
exploit articles
Google will make critical security exploits known after a week
- Google and its team of security researchers are known for catching some of the biggest security exploits in other companies' products. Normally, the period for revealing a flaw to the general public is 60 days, which gives the affected company…
Blizzard implements fix for gold duplication bug in Diablo III
- Diablo III’s woes continue as the gold and real-money auction houses have been taken offline by Blizzard after a bug was discovered in the latest patch. Said exploit allowed players to duplicate gold in the auction house with some using…
Spotify patches web player exploit that allowed free MP3 downloads
- Spotify recently patched an exploit that allowed Chrome users to download any of the company’s 20 million songs free and clear. By using a browser extension called Downloadify, subscribers were able to take advantage of an exploit (or simple lack…
Adobe issues emergency Flash update, warns of active exploits on Windows and OS X
- Adobe has released a patch for two Flash player vulnerabilities that are being actively exploited against Windows and OS X users to install malware on their systems. The first of them, CVE-2013-0633, works by tricking Windows users into opening a…
New zero-day Java exploit selling in online forum for $5,000
- Earlier this week Oracle rushed out a fix for a critical bug in Java that was reportedly being widely exploited by malicious sites to remotely execute code on a victim’s machine. Well, it only took one day after the patch…
Microsoft to fix critical Internet Explorer vulnerability today
- Microsoft will be releasing an out-of band patch later today to fix a critical zero-day flaw affecting Internet Explorer versions 6,7 and 8. The vulnerability allows hackers to execute code remotely in the event that a user visits an infected website.
New zero-day vulnerability in Java being widely exploited (Updated)
-
Three days after a critical Java vulnarability was widely reported, Oracle has issued an update to shut down the potential exploit and secure browsers using Java. You can update to Java SE 7u11 to secure your PC (or disable Java altogether). The security hole made browsers vulnerable to remote exploits when visiting a malicious website.
Exploit bypasses Adobe Reader's sandbox, being sold for $30-50k
- Russian security firm Group-IB has found a zero-day flaw in Adobe Reader that bypasses the program's sandbox protection. Currently available on the black market for $30,000 to $50,000, the exploit allows attackers to sidestep the application's "Protected Mode," which was…
Security researchers discover vulnerability in Steam URL protocol
- Security researchers from ReVuln have discovered a zero-day vulnerability in Valve’s Steam browser protocol. The exploit can allow an attacker to remotely exploit bugs in the Steam client or directly in games which can ultimately be used to run malicious…
Hackers use exploit to massacre entire cities in World of Warcraft
- An exploit in World of Warcraft recently enabled a group of hackers to wreak havoc on large cities across a number of servers. The hackers were able to massacre entire cities unimpeded for nearly four hours, killing all players and…
Researcher uncovers new Java exploit, 1 billion Macs and PCs at risk
- Security researcher Adam Gowdiak has uncovered a new zero-day vulnerability in Oracle’s Java software. The bug is said to be present in currently-supported versions including Java 5, Java 6 and Java 7 and has the potential to allow attackers to…
Mozilla warns Firefox users to disable Java over zero-day exploit
-
Mozilla has warned Firefox users to disable Oracle's Java software framework plugin after researchers discovered that cybercriminals are actively exploiting yet another zero-day vulnerability in the cross-platform software. Atif Mushtaq, a security researcher for FireEye, first discovered...
Google announces Pwnium 2, $2m in rewards for Chrome hacks
- Google has announced it will host a second Pwnium hacking competition this October after withdrawing support for TippingPoint's annual Pwn2Own back in February. The event will take place at the Hack In The Box security conference in Malaysia. This time…
Microsoft urges Windows Vista, 7 users to disable desktop gadgets
-
In a security advisory Tuesday, Microsoft urged Windows Vista and 7 users to download a tool that disables the operating system's sidebar and gadgets. The company warned that insecure gadgets could be used to run arbitrary code on a computer...
Internet Explorer zero-day flaw being used to target Gmail accounts
- A new zero-day exploit in Internet Explorer making the rounds has security experts from Microsoft and Google on their heels. The drive-by flaw is being used to gain access to Gmail accounts and remains unpatched as of writing, although Microsoft…
Max Payne 3 multiplayer cheaters forced to play with each other
-
Given the complexity of modern games, they inevitably ship with glitches and vulnerabilities. Such is the case with Max Payne 3, which has a problem with multiplayer cheaters using invincibility hacks, infinite adrenaline exploits and more. Although most people are honest...
Exploit allows command prompt to launch at Windows 7 login screen
- An unpatched exploit in Windows 7, Windows Server 2008 R2 and Windows 8 Consumer Preview allows a user to launch an elevated command prompt by manipulating the sticky keys function. The hack requires very little knowledge and can be exploited…
F-Secure provides free Flashback removal tool for Mac users
- F-Secure has come to the aid of Apple Mac owners infected with the Flashback malware, announcing a free removal script for OS X. At its peak on April 6, an estimated 600,000 systems running OS X were said to be infected.
Google wants hackers to hammer on Chrome for $1 million
- Google has withdrawn support for TippingPoint's annual Pwn2Own hacking competition following rule changes. Previously, entrants were required to reveal all the details about exploits used to compromise security. That stipulation no longer exists and folks are allowed to enter 2012's…
Hackers exploit zero day vulnerability in Adobe Reader and Acrobat
- Adobe confirmed yesterday that its Adobe Reader software contains a zero-day vulnerability, crediting the security team at Lockheed Martin, which itself was a victim of an attack through the exploit, and members of the Defense Security Information Exchange for discovering…
Apple developer booted after revealing iPhone exploit
- Security researcher Charlie Miller has been kicked out of Apple's developer program after he revealed details of a security flaw in their iOS operating system. Miller announced the news on his Twitter account yesterday afternoon, saying, "OMG, Apple just kicked me…
Most Popular
| Trending | Featured |
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.
TechSpot on: