Posted November 26, 2012 A hacker is selling a $700 zero-day exploit for Yahoo Mail that lets an attacker leverage a cross-site scripting (XSS) vulnerability to steal cookies and hijack accounts. Read the full story on Naked Security.
Posted November 8, 2012 The vulnerability is selling for up to $50K on the black market, security researchers say, and has been included in a package of banking Trojans called the Blackhole Exploit Kit, which is the most prevalent exploit kit out there. Read all about it.
Gmail accounts targeted by ‘state-sponsored attackers’ using Internet Explorer zero-day vulnerability
Posted June 15, 2012 Both Google and Microsoft have put out alerts about an unpatched, zero-day hole in Internet Explorer that is actively being exploited in the wild. If you’re using IE & Windows, install Microsoft’s Fix-it workaround immediately. I also included a bunch of tips from Graham on how to protect your Gmail account from [...]
An unpatched zero-day flaw in Yahoo Messenger allows remote attackers to meddle with any user’s status message, opening an opportunity for malware to spread. Check out the full story.