Announcements

Drupal Patches XSS Vulnerability in Spam Module

  • 19th September 2014
Drupal released an update that patches a cross-site scripting vulnerability in a popular spam and content moderation module used by websites built on the open source CMS. The vulnerability was in a feature of the Mollom module that is installed on at least 60,000 sites, said Drupal security team volunteer Greg Knaddison, director of ...
Continue reading

THREE QUARTERS of Android mobes open to web page spy bug

  • 18th September 2014
A Metasploit module has been developed to easily exploit a dangerous flaw in 75 percent of Android devices that allows attackers to hijack a users' open websites. The exploit targets vulnerability (CVE-2014-6041) in Android versions 4.2.1 and below and was disclosed without fanfare on 1 September, but had since gathered dust, ...
Continue reading

Archie Exploit Kit Targets Adobe, Silverlight Vulnerabilities

  • 18th September 2014
A relatively new exploit kit that borrows modules copied from the Metasploit Framework and exploits any older versions of Adobe Flash, Reader and, Silverlight the user may be using has begun to make the rounds. Jaime Blasco, the director of AlienVault Labs dug deeper into kit, known as Archie, on the company’s blog ...
Continue reading

Macro based malware is on the rise

  • 18th September 2014
Malware authors have a rediscovered their love for Visual Basic, as the percentage of macro based malware rose from around 6% of all document malware in June to 28% in July, Sophos researchers have found.Gabor Szappanos, principal researcher at SophosLabs, explained in a paper published earlier this year the advantages of Visual Basic ...
Continue reading