Microsoft patched 34 vulnerabilities in all on Tuesday with most of the bugs impacting Microsoft Edge, Microsoft Office and Microsoft’s Scripting Engine.
A popular porn site is used by KovCoreG Group to launch multiple malvertising campaigns exposing millions to fake browser updates and malware.
A malware campaign utilizing bogus “HoeflerText” popup warnings is back in full swing targeting Google Chrome and Firefox browsers with Locky ransomware attacks and the NetSupport Manager RAT.
Researchers warn a retooled ‘Jimmy’ Nukebot no longer steals bankcard data, rather focuses on avoiding detection as it downloads malicious modules.
Researchers claim that APT3, widely believed to be a China-based threat actor, is directly connected to the Chinese Ministry of State Security (MSS).
Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan.
As part of Patch Tuesday Adobe patched a zero-day vulnerability in Flash Player the company claims is being used in targeted attacks against Internet Explorer users on Windows.
Microsoft released 10 security bulletins on Patch Tuesday that included patches for five zero day vulnerabilities under attack that had not been publicly disclosed until today.
The news of the week is discussed, including Schneier’s DDoS article, a patched IE/Edge zero day, a new OS X malware detection method, and Google’s Project Zero prize.