A security researcher has found a great number of exploitable vulnerabilities in popular security solutions and the AV engines they use, proving not only that AV engines are as vulnerable to zero day attacks as the applications they try to protect, but can also lower the operating system's exploit mitigations.
The Facebook scam is a familiar phenomenon to every user of the popular social network, and most of them have fallen for it at one time or another as it only takes a moment of distraction to click on an interesting link.
By leveraging and modifying a "semi-random public exploit" researchers have managed to deactivate all protection features of the latest version of Microsoft's Enhanced Mitigation Experience Toolkit and "get shell" on the target system and execute code.
DefenseCode released an advisory in which researcher Leon Juranic details security issues related to using wildcards in Unix commands.
Nearly two months have passed since the public revelation of the Heartbleed bug affecting the widely used open source cryptographic library OpenSSL.