The results of the first day of the traditional Pwn2Own hacking contest at the CanSecWest Conference currently taking place in Vancouver are in, and the losers are Adobe, Microsoft and Mozilla.
Microsoft has finally issued a security advisory addressing the IE zero-day that has been recently actively exploited in attacks in the wild, and has followed with a Fix it tool to temporarily mitigate the issue until a patch is released.
The recently spotted watering hole attacks aimed at the visitors of the official website of the US Veterans of Foreign Wars and of a bogus website mimicking that of the French aerospace association GIFAS might not be, after all, the work of the same threat actors.
Avecto analyzed data from security bulletins issued by Microsoft throughout 2013 and concluded that 92% of all vulnerabilities reported by Microsoft with a critical severity rating can be mitigated by removing admin rights.
An Internet Explorer zero-day vulnerability (CVE-2014-0322) is actively exploited in the wild in a watering-hole attack targeting visitors to the official website of the U.S.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.