Neowin News Feed for: Exploits

GitHub now lets researchers privately report vulnerabilities to project maintainers

Paul Hill — Wed, 19 Apr 2023 22:50:01 +0000

GitHub users will now be able to privately report vulnerabilities to code maintainers. The feature was in public beta since last year but has been graduated to general availability. Read more...

Google Project Zero detected record high 0-day exploits in 2021, but it's not all bad news

Usama Jawad — Wed, 20 Apr 2022 07:18:01 +0000

Google's Project Zero team has published its findings for 0-day exploits in the year 2021. It detected the most 0-days in this year but some positive insights that can be drawn too. Read more...

Microsoft Windows under attack from Hafnium group's 'Tarrask' malware

Alap Naik Desai — Wed, 13 Apr 2022 00:26:01 +0000

The infamous Hafnium group which successfully targeted on-premises Microsoft Exchange servers is now going after Windows using Tarrask malware which evades detection by cleaning its activities. Read more...

Microsoft Weekly: Another round of updates, Inspire 2021, and shifting release dates

Florin Bodnarescu — Sun, 18 Jul 2021 15:30:01 +0000

The week that's just ending has brought news relating to Inspire 2021, the ever-present Patch Tuesday, and even a small helping of gaming news. Be sure to catch up via our very handy overview. Read more...

Latest Apple iOS 13 exploit can be overcome in two ways

Natalie Horan — Sun, 15 Sep 2019 12:16:01 +0000

Apple's IOS 13 users may have to upgrade their software to patch an exploit that was recently discovered by security researcher Jose Rodriguez. It allows anyone to bypass the screen lock. Read more...

US Navy is looking to buy zero-day and other exploits online

Vlad Dudau — Mon, 15 Jun 2015 06:56:01 +0000

The United States government is buying up zero-day and other types of digital exploits found in popular software. Their official stated goal is to use these in developing attack programs. Read more...

Microsoft has launched a bug bounty program for online services

Steven Johns — Sat, 27 Sep 2014 01:42:01 +0000

Expanding their bug bounty program, Microsoft is now offering a minimum of $500 as a reward for exploits found in their online services such as Office 365, Outlook, Yammer and Lync. Read more...

Microsoft offers up to $100,000 to find Windows 8.1 exploits

John Callaham — Wed, 19 Jun 2013 18:18:25 +0000

Microsoft has announced a 'bounty program' for people who find exploits inside Windows 8.1, with up to $100,000 offered, plus rewards for finding vulnerabilities in the Internet Explorer 11 preview. Read more...

Two more zero-day vulnerabilities in Java, seemingly

Paul Ferson — Thu, 28 Feb 2013 10:02:49 +0000

Oracle's most famous product, Java, has a few more woes to add to its past week after a Polish security firm discovered two more potential weaknesses hackers could use in future attacks. Read more...

RSA unveils product to divide passwords across two servers

Paul Ferson — Wed, 10 Oct 2012 22:46:03 +0000

The RSA has unveiled a product allowing users to split their passwords across two different computer servers for additional security; hackers will need access to two different servers to attack. Read more...

Vita Half-byte Loader: The first homebrew application loader for the PSVita

Jake Durasamy — Mon, 06 Feb 2012 20:10:13 +0000

The PlayStation Vita is scheduled for release in the United States and Europe in just over a week, but that does't mean that the console hasn't already been exploited. However, piracy isn't an option. Read more...

Microsoft patched 190 exploits in 2009

Andrew Lyle — Mon, 28 Dec 2009 20:25:39 +0000

Microsoft posted a total of 74 bulletins in 2009 which patched 190 exploits in their operating systems and software. June was the biggest patch month, offering a total of 10 bulletins and 31 exploits... Read more...

Vonage Users Vulnerable to Exploits

Wed, 24 Oct 2007 23:05:23 +0000

According to a report released today by VoIP security firm Sipera Systems, Internet phone service company Vonage may be vulnerable to attacks by hackers through a variety of different means including eavesdropping, spam, spoofing and... Read more...

HD Moore takes iPhone exploits public

Tue, 16 Oct 2007 22:25:45 +0000

Noted hacker HD Moore has posted exploits for a vulnerability in Apple's iPhone, the same flaw that's been used by others to unlock the smart phone so it will work on other networks. The vulnerability,... Read more...

Exploits Hot on the Heels of Microsoft's Patches

Daniel Fleshbourne — Thu, 14 Jun 2007 09:35:20 +0000

Exploits appeared within hours for two of the bugs that Microsoft Corp. fixed Tuesday. Microsoft's June set of security updates patched 15 separate vulnerabilities, nine of them labeled "critical," the company's most serious threat rating.... Read more...

New Java exploits brewing

Daniel Fleshbourne — Fri, 12 Jan 2007 10:30:08 +0000

Attackers have released exploit code targeting two previously patched flaws in Sun Microsystems' Java Runtime Environment (JRE) and Java Software Development Kit (SDK). The flaws could allow an attacker to remotely execute code on a... Read more...

Microsoft tests fix for IE bug as exploits appear

Daniel Fleshbourne — Mon, 27 Mar 2006 18:34:08 +0000

A recently identified Internet Explorer security hole is now being exploited and Microsoft hopes to include a fix for it in its April 11 patch or maybe even earlier, according to a posting on a... Read more...

Researcher Says Intel Macs Could Invite More Exploits

Daniel Fleshbourne — Fri, 24 Mar 2006 19:13:34 +0000

Apple's switch from PowerPC to Intel-based Macs could lead to more attacks and cross-platform exploits, according to some researchers and solution providers. OS X includes features that make it a target for malware, and the... Read more...

WMF Exploits Sold By Russian Hackers

Fri, 03 Feb 2006 16:41:26 +0000

The Windows Metafile (WMF) bug that caused users -- and Microsoft -- so much grief in December and January spread like it did because Russian hackers sold an exploit to anyone who had the cash,... Read more...

New WINS Exploits Making Rounds

Daniel Fleshbourne — Wed, 05 Jan 2005 11:10:02 +0000

Almost a month after Microsoft released a fix for a security issue in the WINS (Windows Internet Name Service) name server, malicious exploits continue to haunt tardy network administrators. According to an alert from the... Read more...

Attack bot exploits Windows flaw

Sun, 03 Aug 2003 14:05:30 +0000

Online vandals are using a program to compromise Windows servers and remotely control them through Internet relay chat (IRC) networks, system administrators said Saturday. Several programs, including one that exploits a recent vulnerability in... Read more...

New virus exploits SARS epidemic concerns

Fri, 25 Apr 2003 16:30:23 +0000

A new computer worm attempts to spread by taking advantage of concerns over the killer flu-like virus, SARS. Known as Coronex-A, the mass-mailer worm forwards itself to all contacts in Outlook address books and attempts... Read more...

Program exploits Windows 2000 flaw

Wed, 26 Mar 2003 12:40:20 +0000

A Venezuelan security consultant has released a small program designed to compromise Microsoft Internet Information Service servers that haven't had a recent security hole patched. Monday's public release of the program's source... Read more...

New IE spy progie exploits DCOM

Daniel Fleshbourne — Tue, 02 Jul 2002 09:39:05 +0000

Thanks Big Booger A group of Japanese security enthusiasts has developed a little tool called IE'en which exposes traffic between an IE user and any server he's contacting, including logins and passwords... Read more...