Krebs on Security

Java: A Gift to Exploit Pack Makers

I have long urged readers who have no need for Java to remove the program, because failing to keep this software updated with the latest security patches exposes users to dangerous, ubiquitous attacks ...
Threat Post

New ‘Nice Pack’ Exploit Kit Found, Thousands of Owned Sites Redirecting Users to Attack Site

A new exploit pack has appeared on the scene in the last week or so and it already is causing trouble for users, with thousands of compromised Web sites redirecting users to a page that is hosting the ...
WeLiveSecurity

Exploit Kit plays with smart redirection (amended)

This week we have detected another interesting attack vector. This time cybercriminals are using an interesting technique for hiding malicious Javascripts and employ implicit iFrame injection. At this ...
Threat Post

New Version of Eleonore Exploit Kit Released With New 0-Day Exploit

The creator of the infamous Eleonore exploit pack has released a new version of the attack toolkit, adding some new exploits, including one for a zero day vulnerability. The new version of Eleonore is ...
eWeek

Cyber-Criminals Targeting Retailers With ‘Nice Pack’ Exploit Kit, SQL Injection

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
Searchenginejournal.com

All in One SEO Pack Vulnerability – New Exploit

Researchers discovered a type of issue that is called a cross site scripting vulnerability (XSS). It can generally involve a compromised input interface. So anywhere that a user can input and upload ...
Krebs on Security

Java: A Gift to Exploit Pack Makers

I have long urged readers who have no need for Java to remove the program, because failing to keep this software updated with the latest security patches exposes users to dangerous, ubiquitous attacks ...