IE Zero-Day Ephemeral Hydra
A new IE zero-day exploit has been discovered by researchers at FireEye. This exploit is interesting because of the unknowns: Without code to make the exploit persistent, we don’t know what the attacker is after.
Operation DeputyDog Targets Latest IE Zero Day
The recent Internet Explorer vulnerability (CVE-2013-3893) announced by Microsoft last week is being exploited as part of a targeted attack FireEye is referring to as “Operation DeputyDog”. “Today, we released a Fix it workaround tool to address a new IE vulnerability that had been actively exploited in extremely limited, targeted
Prodigy Email Vulnerability Puts Millions of Accounts at Risk
Prodigy Email Vulnerability Exposes Thousands of Accounts and Puts Millions More At Risk In Mexico… Over the past few weeks I have been working with El Economista on the discovery and disclosure of a massive security hole in Prodigy’s (Telmex) mobile email and web based mail systems in Mexico. The hole
Securing WordPress: Hardening Basics
WordPress has become one of the leading blog platforms, and many small to medium sized businesses even utilize it as their content management system. WordPress is available as a one-click install with most hosting providers making deployment simple. However this popularity and ease of use has come at a price,