Attackers use spam to infect systems with the Andromeda backdoor and then deploy GamaPoS on select point-of-sale machines
Researchers show they can recover sensitive cookies from RC4-encrypted TLS connections in 75 hours
Users should update Java as soon as possible because attackers are already taking advantage of at least one vulnerability.
The feature allows the company's software to persist even if the hard disk drive if replaced.
The exploit was used in attacks against the armed forces of a NATO country and a U.S. defense organization
The vulnerabilities leveraged by two of the exploits have yet to be patched
Adobe plans to patch the vulnerability next week, but attackers might move quicker.
The flaws could lead to code execution, privilege escalation and denial-of-service
The vulnerability allows attackers to generate rogue certificates that pass OpenSSL's validation
A total of 36 flaws were patched, many of them critical
The group has been stealing confidential information from large companies worldwide for the past three years.
They profit from the one-day window until Adobe expects to release a patch
At least one new exploit for Flash Player has been confirmed.
Patches will be released on July 9 for OpenSSL 1.0.1 and 1.0.2
Any wannabe botnet operator can now create their own army of ZeusVM-infected computers, researchers warn