Previous
Apple QuickTime Zero-day Flaw 'extremely Critical'
News With Internet Explorer versions 6 and 7, and the Safari 3 beta, the attack appears to be prevented because standard buffer overflow prevention processes act before any damage can be done, Florio wrote.
[November 26, 2007, 11:46]
IE Zero Day And Web Attacker Kit: A Special Report
White Papers How can a user maintain computer security when bad guys sell anyone attack kits online that exploit the very latest vulnerabilities in Microsoft software?
[November 28, 2006, 23:00]
Second Zero-day Excel Flaw Emerges
News Attack code for a new security hole in Excel has surfaced on the Internet, just as Microsoft is scrambling to respond to a separate bug in the spreadsheet program. The latest vulnerability could cause Excel to crash after a malicious file is opened...
[June 21, 2006, 10:15]
Peakflow Defends Networks Against Zero-Day Threats
White Papers Arbor Networks’ Peakflow solution was instrumental in protecting many service provider networks - and their customers - from the impact of this attack. At approximately 12:30am EST on January 25, the Sapphire worm - also known as Slammer and SQLExp...
[November 20, 2003, 23:00]
Microsoft Besieged By Zero-day Attacks
News For the attack to be carried out, a user must first open a malicious PowerPoint file attached to an email or otherwise provided to them by an attacker, Microsoft said in a security advisory. Microsoft on Wednesday warned of "limited zero-day...
[September 28, 2006, 9:20]
New Website Tracks Zero-day Flaws
News Microsoft's patch day is on the second Tuesday of each month, and the company doesn't break its cycle unless an attack has a widespread impact. eEye Digital Security has launched a website that tracks publicly released security bugs that don't have...
[December 6, 2006, 8:41]
Microsoft Issues Excel Zero-day Warning
News Microsoft is warning of an Excel-focused zero-day attack that affects several versions of its Office software, including one for Macs. In its security advisory issued on Friday, Microsoft warns people of a "very limited" zero-day attack that takes...
[February 6, 2007, 8:44]
ShieldGen: Automatic Data Patch Generation For Unknown Vulnerabilities With Informed Probing
White Papers This paper presents ShieldGen, a system for automatically generating a data patch or a vulnerability signature for an unknown vulnerability, given a zero-day attack instance. The key novelty in the work is that the authors leverage knowledge of the...
[May 23, 2007, 0:00]
MacBook Hacked In Security Contest
News The successful attack on the second and final day of the contest required a conference organiser to surf to a malicious website using Safari on the MacBook — a type of attack familiar to Windows users.
[April 23, 2007, 10:31]
'Critical' Office Patch To Be Released
News Earlier this week, Microsoft's Word 2000, which is part of the productivity suite, was hit with a zero-day attack that could compromise systems remotely. And in June, an Excel vulnerability was the target of a zero-day attack.
[September 8, 2006, 9:25]
International Cyberattack Drill Tests Nations' Responses
News A zero-day attack is one where the organisation being attacked has had no time to prepare. Security or war-game simulations often involve "red teams", which are attack forces used to reveal weaknesses in defence.
[April 10, 2008, 11:22]
Experts Gather For Cybercrime Conference
News Additionally, we will be reviewing vulnerability exploitation trends, with a specific focus on the usage of zero-day vulnerabilities, to attack customers. These new trends include use of subdomains, more man-in-the-middle style attacks and changing...
[January 22, 2007, 15:11]
Microsoft Leaves Word Flaws Unpatched
News Opening rigged files could trigger the flaws and allow an attack to occur, Microsoft said. The tenth hole is in Windows and is similar to a bug Microsoft rushed out a fix for in September after Windows users came under attack.
[January 10, 2007, 8:52]
Hackers Lured Into Sweeter Honeypot
News The honeypot is a jucy-looking decoy, designed to lure hackers away from the actual network or server they were attempting to attack. Honeypots solve a major problem of intrusion-detection systems, which frequently flag innocuous network traffic as...
[April 14, 2003, 12:30]
New Security Hole Found In MS Word
News Exploitation of the security hole so far is only known as part of a single, targeted attack, Symantec said. The targeted attack can bypass spam filters, and Symantec's antivirus software doesn't yet detect the particular Word file as malicious...
[May 22, 2006, 9:45]
How To Defend Your Network From Sudden Zero-Day Attacks
White Papers This strongly suggests that the Spyware, virus, Trojan, worm or hack most likely to pierce your security is one that will not be recognized by your antivirus signature files at the time of the attack.
[July 26, 2005, 0:00]
The Evolving Threat: Combat Training For The New Era Of Malicious Code
White Papers Largely signature-based, these legacy security products rely on known attack signatures. When one of these attack signatures is recognized the older security systems sound an alarm and may attempt to block the attack.
[July 6, 2007, 0:00]
Top Executives Face Personal Malware Threat
News Hackers have targeted 500 key business executives in what is believed to be the first mass-targeted malware attack, according to security vendor MessageLabs. MessageLabs said it did not know who had perpetrated the attack.
[July 2, 2007, 12:36]
Hackers Striking More Suddenly
News While some security experts point to zero-day exploits -- code that takes advantage of previously unknown vulnerabilities -- as a growing threat, a greater number are stressing the danger of online attackers' ability to quickly turn around attack...
[July 29, 2004, 9:20]
Windows Cursor Exploit Spreads
News The hole in the Windows animated cursor, which was flagged in a Microsoft advisory on Thursday, has moved from a targeted attack to one that is widespread, said Johannes Ullrich, chief research officer for the Sans Institute, which also issued an...
[April 2, 2007, 11:05]
