Security Alerts & News
by Tymoteusz A. Góral

History
#1153 Exploit kits quickly adopt exploit thanks to open source release
A security researcher recently published source code for a working exploit for CVE-2016-0189 and the Neutrino Exploit Kit (EK) quickly adopted it.

CVE-2016-0189 was originally exploited as a zero-day vulnerability in targeted attacks in Asia. The vulnerability resides within scripting engines in Microsoft’s Internet Explorer (IE) browser, and is exploited to achieve Remote Code Execution (RCE). According to the researcher’s repository, the open source exploit affects IE on at least Windows 10. It is possible that attackers could use or repurpose the attack for earlier versions of Windows.

Microsoft patched CVE-2016-0189 in May on Patch Tuesday. Applying this patch will protect a system from this exploit.
Read more
#1156 Ubuntu linux forums hacked - IP address, username and email of 2M accounts compromised
#1155 Now ransomware is taking aim at business networks
#1154 Juniper patches high-risk flaws in Junos OS
#1153 Exploit kits quickly adopt exploit thanks to open source release
#1152 Crypto flaw made it easy for attackers to snoop on Juniper customers
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12