Posts Tagged ‘exploit’

Full LastPass 4.1.42 Exploit Discovered

Tuesday, March 21st, 2017

Password managers must make an incredibly tempting target for hackers. Heads up, LastPass users!

Tavis Ormandy, a prolific member of Google’s Project Zero initiative, revealed that he discovered a new security issue in LastPass 4.1.42 (and maybe earlier). Ormandy revealed that he discovered an exploit, but did not reveal it. Project Zero discoveries are reported to the companies who produce the affected products. The companies have 90 days to react, usually by creating a new product version that they make available publicly to all customers.


Pwn2Own 2017: Windows, Ubuntu, Edge, Safari and Firefox Exploited

Friday, March 17th, 2017

The good news is that Chrome managed to resist hacking (this time.)

The tenth anniversary of the Pwn2Own gathering of hackers, Pwn2Own 2017, saw eleven teams attempt to exploit products across four categories. The products that teams were allowed to target this year included operating systems and web browsers, but also the new product categories Enterprise applications and server-side. Programs like Adobe Reader, and Apache Web Server, were added as targets by the Pwn2Own committee.


Public Internet Explorer Exploit Released; Fix-It Available to Protect Your PC

Thursday, October 3rd, 2013

If Internet Explorer is your browser of choice, then you should probably check this out …

A vulnerability, first announced by Microsoft on September 17, 2013, has been released to the public which may increase attacks that exploit that vulnerability significantly. The vulnerability affects all versions of Microsoft Internet Explorer. Microsoft was aware of limited targeted attacks against Internet Explorer 8 and 9 when it released the security advisory but this situation may have changed in the meantime.


Mozilla Updates Firefox to 19.0.2 in Response to Pwn2own Issue

Friday, March 8th, 2013

If you’re wondering what motivated the latest Firefox update, here’s the story …

The Pwn2own security challenge is an annual competition in which hackers and security experts from all over the world try to beat the protection of software and mobile devices. Winners of the contest not only get prize money for their efforts, but can also keep the devices they successfully exploited.