Free Republic 4th Quarter Fundraising Target: $88,000 Receipts & Pledges to-date: $5,519
Woo hoo!! And the first 6% is in!! Thank you all very much!!

Keyword: exploits

Brevity: Headers | « Text »
  • Firefox once again proves to be the most vulnerable browser at Pwn2Own hackfest

    04/10/2014 10:33:23 PM PDT · by ari-freedom · 33 replies
    VR-Zone ^ | March 17, 2014 | Sam Reynolds
    CanSecWest wrapped up on Friday in Vancouver, and while there was a minor controversy over self-censorship of a talk said to be a “blueprint for terrorists”, the most watched part of the event once again proved to be the Pwn2Own hacking competition. Pwn2Own offered some serious cash incentives for teams to develop exploits for Chrome, Internet Explorer, Firefox and Safari. During the competition no browser proved invulnerable, but Firefox had the most security shortcomings with four separate exploits being developed for Mozilla’s browser. In comparison Internet Explorer, Chrome and Safari were all exploited only once... Historically Firefox has always been...
  • Fast-growing Flashback Botnet Includes Over 600,000 Macs, Malware Experts Say

    04/05/2012 5:45:29 AM PDT · by iowamark · 27 replies
    PCWorld ^ | Apr 5, 2012 | Lucian Constantin
    More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that's being installed on people's computers with the help of Java exploits, security researchers from Russian antivirus vendor Doctor Web said on Wednesday. Flashback is a family of Mac OS malware that appeared in September 2011. Older Flashback versions relied on social engineering tricks to infect computers, but the latest variants are distributed via Java exploits that don't require user interaction. On Tuesday, Apple released a Java update in order to address a critical vulnerability that's being exploited to infect Mac computers with the...
  • Domains Used in RSA Attack Taunted U.S.

    04/03/2011 5:15:43 PM PDT · by fours · 6 replies
    Krebs on Security ^ | March 30, 2011 | Brian Krebs
    Details about the recent cyber attacks against security firm RSA suggest the assailants may have been taunting the industry giant and the United States while they were stealing secrets from a company whose technology is used to secure many banks and government agencies. Earlier this month, RSA disclosed that “an extremely sophisticated cyber attack” targeting its business unit “resulted in certain information being extracted from RSA’s systems that relates to RSA’s SecurID two-factor authentication products.” The company was careful to caution that while data gleaned did not enable a successful direct attack on any of its SecurID customers, the information...
  • Millions of sites hit with mass-injection cyberattack (LizaMoon - instructions included)

    04/02/2011 9:25:45 AM PDT · by Libloather · 25 replies
    Computerworld ^ | 4/01/11 | Sarah Jacobsson Purewal
    Millions of sites hit with mass-injection cyberattackBy Sarah Jacobsson Purewal April 1, 2011 10:37 AM ET PC World - Hundreds of thousands -- and possibly millions -- of websites have been hit with a cyberattack that some are calling "one of the biggest mass-injection attacks we've ever seen." The attack was discovered on March 29 by security firm WebSense, and the injected domain was called -- thus, the name of the mass-injection is "LizaMoon." According to WebSense, LizaMoon uses SQL Injection to add malicious script to compromised sites. While the first injected domain was, additional URLs have since...
  • My virus, trojan, malware experience..and resolution

    03/29/2011 11:26:05 AM PDT · by Professional · 114 replies
    03/29/2011 | Professional
    Last week I got hit with a nasty set of viruses, malware, and trojans. One of the first things I did, was to check out Freerepublic to get some free advice. Unfortunately, it didn't help much, so I've decided to try and add some value here for folks that have something similar happen to them. My problems began, by using Google searches for information pertaining to the Japan Earthquake. Now, I suspect that part of these internet virus scams, is to embed the trouble in searches that are very popular at any given time. I took the advice of this...
  • Firefox users targeted by rare piece of malware

    12/04/2008 5:02:20 PM PST · by Mygirlsmom · 44 replies · 1,892+ views
    InfoWorld ^ | December 04, 2008 | Jeremy Kirk, IDG News Service
    Firefox users targeted by rare piece of malwareTrojan.PWS.ChromeInject.A, which registers itself in Firefox's system files as 'Greasemonkey,' collects passwords for banking sites By Jeremy Kirk, IDG News Service December 04, 2008 Researchers at BitDefender have discovered a new type of malicious software that collects passwords for banking sites but targets only Firefox users. The malware, which BitDefender dubbed "Trojan.PWS.ChromeInject.A" sits in Firefox's add-ons folder, said Viorel Canja, the head of BitDefender's lab. The malware runs when Firefox is started. [ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ] The malware...
  • Internet Explorer Unsafe for 284 Days in 2006

    01/04/2007 1:20:49 PM PST · by Redcloak · 43 replies · 1,060+ views
    The Washington Post ^ | January 4, 2007; 6:45 AM ET | Brian Krebs
    Brian Krebs on Computer Security Internet Explorer Unsafe for 284 Days in 2006 Security Fix spent the past several weeks compiling statistics on how long it took some of the major software vendors to issue patches for security flaws in their products. Since Windows is the most-used operating system in the world, it makes sense to lead off with data on Microsoft's security updates in 2006. Click the graphic for data on 2006 IE patches. First, a note on the methodology behind this blog post: The data presented here builds on a project I began in late 2005 looking...
  • Report: Delgadillo backtracking on football exploits (Moonbeam's Dem primary opponent for CA AG)

    05/20/2006 11:32:57 PM PDT · by NormsRevenge · 6 replies · 394+ views
    City Attorney Rocky Delgadillo, who is running for state attorney general, has stopped claiming he won a football scholarship to Harvard University and an Academic All-American award while there. However, he still claims "a brief stint" as a professional football player even though a Canadian team has no record of him, the Los Angeles Times reported Saturday. Delgadillo has touted his athletic and university accomplishments in speeches and campaign ads over the past few years, along with his legal and political experience. However, the city attorney acknowledged earlier this month that he never played in a professional football game and...
  • Exploit turns up heat for Firefox flaw

    02/09/2006 9:50:40 AM PST · by ShadowAce · 81 replies · 1,514+ views
    CNet News ^ | 8 February 2006 | Joris Evers
    Computer code that could be used in cyberattacks on Firefox users has been released, increasing the urgency for people to upgrade to the latest version of the Web browser. The two pieces of exploit code, posted online earlier this week, take advantage of a security vulnerability in Firefox that Mozilla patched in an update Thursday. In response to the exploit release, the browser maker on Tuesday upgraded the severity rating of the flaw from "moderate" to "critical," its most serious rating. "This exploit was published after we released the update," said Mike Schroepfer, vice president of engineering at Mozilla....
  • Potential new unpatched IE exploit ? ~ Yes...may affect other Browsers also...

    12/28/2005 2:55:03 PM PST · by Ernest_at_the_Beach · 69 replies · 3,196+ views
    Websense Security Labs ^ | Dec 28 2005 11:19AM | Websense Security Labs Blog Staff
    This alert is a follow-up to a post made yesterday on our blog: Websense® Security Labs™ has discovered numerous websites exploiting an unpatched Windows vulnerability in the handling of .WMF image files. The websites which have been uncovered at this point are using the exploit to distribute Spyware applications and other Potentially Unwanted Soware. The user's desktop background is replaced with a message warning of a spyware infection and a "spyware cleaning" application is launched. This application prompts the user to enter credit card information in order to remove the detected spyware. The background image used and the "spyware...
  • Bomb-Maker Killed As US Exploits Ethnic Rifts In Al-Qa'eda (More)

    05/14/2005 6:35:53 PM PDT · by blam · 7 replies · 682+ views
    The Telegraph (UK) ^ | 5-15-2005 | Massoud Ansari/Philip Sherwell
    Bomb-maker killed as US exploits ethnic rifts in al-Qa'eda By Massoud Ansari in Karachi and Philip Sherwell in Washington (Filed: 15/05/2005) A leading al-Qa'eda bomb-maker has been killed in a US missile strike as America and Pakistan exploit worsening ethnic rifts within the terror network. The death of Haitham al-Yemeni comes shortly after Pakistan captured Osama bin Laden's suspected third-in-command using intelligence from disaffected militants. Abu Faraj al-Libbi was traced after exiled Uzbek fighters on the Pakistan-Afghan border who had fallen out with al-Qa'eda's Arab-dominated leadership gave Pakistani intelligence officials his mobile phone number.The capture of al-Libbi and death of...
  • Blaster rewrites Windows worm rules

    08/15/2003 7:09:10 PM PDT · by yhwhsman · 22 replies · 292+ views
    The Register ^ | Aug 14th, 2003 | John Leydon
    The Blaster worm, which continues to create chaos by crashing numerous vulnerable Windows machines across the Net, has changed the rules on malicious code attacks. Unlike Slammer or Nimda, home users have borne the brunt of the attack - although businesses of all sizes have also suffered. Blaster shatters the partially reassuring notion that email-borne nasties are the most significant threat for Harry Homeowner. Now updating patches and using perimeter security, always good ideas, have become prerequisites for Windows users. With the appearance of new variants of Blaster already appearing on the Net, its worth reviewing the nature of Blaster,...
  • Experts: Microsoft security gets an 'F'

    02/01/2003 10:04:19 PM PST · by B Knotts · 16 replies · 178+ views
    Reuters (via CNN) ^ | 2/1/2003 | Staff
    <p>SAN FRANCISCO, California (Reuters) -- Computer security experts say the recent "SQL Slammer" worm, the worst in more than a year, is evidence that Microsoft's year-old security push is not working.</p> <p>"Trustworthy Computing is failing," Russ Cooper of TruSecure Corp. said of the Microsoft initiative. "I gave it a 'D-minus' at the beginning of the year, and now I'd give it an 'F."'</p>
  • Sun patches two Solaris holes

    06/06/2002 3:53:11 PM PDT · by Bush2000 · 19 replies · 350+ views
    InfoWorld ^ | June 5, 2002 10:17 am PT | Sam Costello
    Sun patches two Solaris holes SUN MICROSYSTEMS RELEASED a patch that closed two security holes in its Solaris operating system Tuesday. The holes could have allowed an attacker to take control of vulnerable systems. The vulnerabilities affect the snmpdx and mibiisa agents that are components of versions 2.6, 7 and 8 of the company's Solaris operating system, according to an alert from Sun, in Palo Alto, Calif. The two affected agents both run with root privileges, the highest level of access on systems, and are part of the OS's SNMP (Simple Network Management Protocol) capabilities. The capabilities allow for device...