Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

ADOBE PDF EXPLOIT 0DAY 0DAY ACROBAT JS JAVASCRIPT

2009-02-25Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!

ADOBE

2018-11-21/a>Johannes UllrichCritical Vulnerability in Flash Player
2016-10-26/a>Johannes UllrichCritical Flash Player Update APSB16-36
2016-09-13/a>Rob VandenBrinkApple iOS 10 and 10.0.1 Released
2016-06-17/a>Johannes UllrichCritical Adobe Flash Update. Patch Now
2016-05-12/a>Xavier MertensAdobe Released Updates to Fix Critical Vulnerability
2016-03-08/a>Rick WannerCritical Adobe Updates - March 2016
2016-02-09/a>Johannes UllrichAdobe Patch Tuesday - February 2016
2015-12-28/a>Rick WannerAdobe Flash and Adobe AIR Updates - https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
2015-10-16/a>Alex StanfordAdobe Flash Update
2015-10-13/a>Alex StanfordAdobe Updates Acrobat and Adobe Reader
2015-10-09/a>Guy BruneauAdobe Acrobat and Reader Pre-Announcement
2015-09-19/a>Didier StevensDon't launch that file Adobe Reader!
2015-07-27/a>Daniel WesemannAngler's best friends
2015-07-14/a>Johannes UllrichAdobe Updates Flash Player, Shockwave and PDF Reader
2015-07-12/a>Rick WannerAnother Adobe Flash Zero Day http://www.kb.cert.org/vuls/id/338736
2015-06-23/a>Kevin ShorttAdobe Flash Player Update - https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
2015-02-05/a>Johannes UllrichAdobe Flash Player Update Released, Fixing CVE 2015-0313
2015-02-02/a>Stephen HallNew Adobe Flash Vulnerability - CVE-2015-0313
2015-01-26/a>Russ McReeAdobe updates Security Advisory for Adobe Flash Player, Infocon returns to green
2015-01-23/a>Adrien de BeaupreInfocon change to yellow for Adobe Flash issues
2014-11-11/a>Johannes UllrichAdobe Flash Update
2014-10-14/a>Johannes UllrichAdobe October 2014 Bulletins for Flash Player and Coldfusion
2014-08-12/a>Adrien de BeaupreAdobe updates for 2014/08
2014-04-28/a>Russ McReeAdobe Security Bulletin: Security updates available for Adobe Flash Player http://adobe.ly/QVjO72
2014-04-08/a>Rick WannerSecurity Updates available for Adobe Flash Player - http://helpx.adobe.com/security/products/flash-player/apsb14-09.html
2014-03-13/a>Daniel WesemannAdobe Shockwave Player critical update: http://helpx.adobe.com/security/products/shockwave/apsb14-10.html
2014-03-11/a>Johannes UllrichAdobe Updates: Flash Player
2014-02-20/a>Stephen HallAbobe out of band patch announcement (APSB14-07)
2014-02-11/a>Johannes UllrichAdobe February 2014 Patch Tuesday
2014-02-04/a>Johannes UllrichAdobe Flash Player Emergency Patch
2014-01-14/a>Johannes UllrichAdobe Patch Tuesday January 2014
2013-12-21/a>Daniel WesemannAdobe phishing underway
2013-12-10/a>Rob VandenBrinkAdobe Updates today as well.
2013-11-22/a>Rick WannerTales of Password Reuse
2013-10-09/a>Johannes UllrichOther Patch Tuesday Updates (Adobe, Apple)
2013-10-05/a>Richard PorterAdobe Breach Notification, Notifications?
2013-10-04/a>Johannes UllrichThe Adobe Breach FAQ
2013-10-03/a>Johannes UllrichOctober Patch Tuesday Preview (CVE-2013-3893 patch coming!)
2013-09-10/a>Swa FrantzenAdobe September 2013 Black Tuesday Overview
2013-07-09/a>Swa FrantzenAdobe July 2013 Black Tuesday Overview
2013-06-11/a>Swa FrantzenAdobe June 2013 Black Tuesday Overview
2013-05-14/a>Swa FrantzenAdobe May 2013 Black Tuesday Overview
2013-05-10/a>Johannes UllrichMicrosoft and Adobe Patch Tuesday Pre-Release
2013-05-09/a>John BambenekAdobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html
2013-05-08/a>Johannes Ullrich"De Flashing" the ISC Web Site and Flash XSS issues
2013-04-09/a>Swa FrantzenAdobe April 2013 Black Tuesday Overview
2013-03-12/a>Swa FrantzenAdobe March 2013 Black Tueday
2013-02-27/a>Adam SwangerAdobe Flash Player Security Update - http://www.adobe.com/support/security/bulletins/apsb13-08.html
2013-02-20/a>Johannes UllrichUpdate Palooza
2013-02-17/a>Guy BruneauAdobe Acrobat and Reader Security Update Planned this Week
2013-02-13/a>Swa FrantzenMore adobe reader and acrobat (PDF) trouble
2013-02-07/a>John BambenekAdobe Releases Patches for 0-day Vulnerability in Flash Player for Windows and Mac, Upgrade now: http://www.adobe.com/support/security/bulletins/apsb13-04.html
2013-01-09/a>Rob VandenBrinkSecurity Updates for Adobe Reader / Acrobat - http://www.adobe.com/support/security/bulletins/apsb13-02.html
2013-01-09/a>Rob VandenBrinkSecurity Updates for Adobe Flash - http://www.adobe.com/support/security/bulletins/apsb13-01.html
2013-01-08/a>Richard PorterAdobe Security Bulletins http://blogs.adobe.com/psirt/2013/01/adobe-security-bulletins-posted-4.html
2013-01-04/a>Daniel WesemannPatch pre-notification from Adobe and Microsoft
2012-11-08/a>Daniel WesemannAdobe Patches
2012-10-09/a>Johannes UllrichAdobe Flash Player update http://www.adobe.com/support/security/bulletins/apsb12-22.html
2012-08-21/a>Adrien de BeaupreYYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
2012-08-14/a>Rick WannerAdobe Security Bulletins - http://blogs.adobe.com/psirt/2012/08/adobe-security-bulletins-posted-2.html
2012-06-12/a>Swa FrantzenAdobe June 2012 Black Tuesday patches
2012-05-25/a>Guy BruneauTechnical Analysis of Flash Player CVE-2012-0779
2012-05-12/a>Tony CarothersAdobe Update to Vulnerabilities
2012-05-04/a>Guy BruneauAdobe Security Flash Update
2012-04-10/a>Swa FrantzenAdobe April 2012 Black Tuesday Update
2012-04-06/a>Johannes UllrichAdobe Patch Tuesday Prerelease (Reader/Acrobat) http://www.adobe.com/support/security/bulletins/apsb12-08.html
2012-03-28/a>Kevin ShorttAdobe Flash Player APSB12-07 - 28 March 2012
2012-03-05/a>Johannes UllrichAdobe Flash Player Security Update
2012-02-16/a>Johannes UllrichAdobe Flash Player Update
2012-02-14/a>Johannes UllrichAdobe Shockwave Player and RoboHelp for Word Patches
2012-01-10/a>Adrien de BeaupreAdobe January 2012 Black Tuesday overview
2011-12-13/a>Johannes UllrichDecember 2011 Adobe Black Tuesday
2011-12-08/a>Adrien de BeaupreNewest Adobe Flash 11.1.102.55 and Previous 0 Day Exploit
2011-12-07/a>Lenny ZeltserAdobe Acrobat Latest Zero-Day Vulnerability Fix Coming to All Platforms by January 10
2011-11-11/a>Rick WannerAdobe Air updated to 3.1.0.4880
2011-11-08/a>Swa FrantzenAbobe November 2011 Black Tuesday Overview
2011-10-05/a>Johannes UllrichAdobe SSL Certificate Problem (fixed)
2011-10-01/a>Mark HofmanAdobe Photoshop for Windows Vulnerability (CVE-2011-2443)
2011-09-21/a>Swa FrantzenEmergency patch expected for Flash Player
2011-09-21/a>Guy BruneauAdobe Release Flash Player 10.3.183.10 available at http://get.adobe.com/flashplayer/
2011-09-09/a>Guy BruneauAdobe plan to release critical security updates next Tuesday for Acrobat and Reader http://www.adobe.com/support/security/bulletins/apsb11-24.html
2011-09-09/a>Guy BruneauAdobe Publish its List of Trusted Root Certificate - http://www.adobe.com/security/approved-trust-list.html
2011-08-26/a>Daniel WesemannAdobe Flash stability update to 10.3.183.7. See http://forums.adobe.com/message/3883150
2011-08-09/a>Swa FrantzenAdobe August 2011 Black Tuesday Overview
2011-06-30/a>Guy BruneauAdobe Release Flash Player 10.3.181.34 available at http://get.adobe.com/flashplayer/
2011-06-14/a>Swa FrantzenAdobe releases patches
2011-06-06/a>Johannes UllrichAdobe releases Flash Player patch on a Sunday to combat latest 0day http://www.adobe.com/support/security/bulletins/apsb11-13.html
2011-05-12/a>Chris MohanSecurity updates available for Flash Player, RoboHelp, Audition, and Flash Media Server
2011-04-21/a>Guy BruneauAdobe Reader and Acrobat Security Updates
2011-04-14/a>Johannes UllrichUpdate to Adobe Flash 0-day: Patch will be out soon
2011-04-11/a>Johannes UllrichYet another Adobe Flash/Reader/Acrobat 0 day
2011-03-22/a>Kevin ShorttAdobe Reader/Acrobat Security Update - http://www.adobe.com/support/security/bulletins/apsb11-06.html
2011-03-14/a>Bojan ZdrnjaAdobe Flash 0-day being used in targeted attacks
2011-03-02/a>Chris MohanUpdates: Firefox 3.6.14/3.5.17, Thunderbird 3.1.8, Adobe Flash v10.2.152.32 & WireShark 1.4.4
2011-02-09/a>Mark HofmanAdobe Patches (shockwave, Flash, Reader & Coldfusion)
2011-01-06/a>Johannes UllrichFlash Local-with-filesystem Sandbox Bypass
2010-11-22/a>Lenny ZeltserAdobe Acrobat Spam Going Strong - More to Come?
2010-11-19/a>Jason LamAdobe Reader X - Sandbox
2010-11-04/a>Johannes UllrichToday's Adobe Patches and Vulnerablities
2010-10-28/a>Manuel Humberto Santander PelaezCVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability
2010-10-06/a>Robert DanfordAdobe updates: http://www.adobe.com/support/security/bulletins/apsb10-21.html
2010-09-14/a>Adrien de BeaupreAdobe Flash v10.1.82.76 and earlier vulnerability in-the-wild
2010-09-13/a>Manuel Humberto Santander Pelaez Enhanced Mitigation Experience Toolkit can block Adobe 0-day exploit
2010-09-13/a>Manuel Humberto Santander PelaezAdobe SING table parsing exploit (CVE-2010-2883) in the wild
2010-09-12/a>Manuel Humberto Santander PelaezAdobe Acrobat pushstring Memory Corruption paper
2010-09-08/a>John BambenekAdobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory
2010-08-25/a>Pedro BuenoAdobe released security update for Shockwave player that fix several CVEs: APSB1020
2010-08-19/a>Rob VandenBrinkDon points us to multiple Adobe updates (Reader and Acrobat 9.3.4 among them) ==> http://www.adobe.com/support/downloads/new.jsp
2010-08-18/a>Guy BruneauAdobe out-of-cycle Updates
2010-08-10/a>Jason LamAdobe critical security updates
2010-08-05/a>Manuel Humberto Santander PelaezAdobe Acrobat Font Parsing Integer Overflow Vulnerability
2010-07-21/a>Adrien de BeaupreAdobe Reader Protected Mode
2010-06-29/a>donald smithAdobe Reader 9.3.3/8.2.3 addressing CVE-2010-1297
2010-06-16/a>Kevin ShorttAdobe Flash Player 10.1 - Security Update Available
2010-06-09/a>Deborah HaleBest Practice to Prevent PDF Attacks
2010-06-09/a>Deborah HaleAdobe POC in the Wild
2010-06-05/a>Guy BruneauSecurity Advisory for Flash Player, Adobe Reader and Acrobat
2010-05-12/a>Rob VandenBrinkAdobe Shockwave Update
2010-04-13/a>Adrien de BeaupreSecurity update available for Adobe Reader and Acrobat
2010-04-09/a>Mark HofmanAdobe launch issue response/work around.
2010-03-31/a>Johannes UllrichPDF Arbitrary Code Execution - vulnerable by design.
2010-02-16/a>Robert DanfordAdobe Updates: http://www.adobe.com/support/security/bulletins/apsb10-07.html http://www.adobe.com/support/security/bulletins/apsb10-06.html
2010-02-12/a>G. N. WhiteAdobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 released to correct vulnerability CVE-2010-0186 Details: http://www.adobe.com/support/security/bulletins/apsb10-06.html
2010-02-02/a>Guy BruneauAdobe ColdFusion Information Disclosure
2010-01-21/a>Chris CarboniSecurity Update Available for Shockwave Player
2010-01-14/a>Bojan ZdrnjaPDF Babushka
2010-01-12/a>Johannes UllrichMicrosoft Advices XP Users to Uninstall Flash Player 6
2010-01-12/a>Johannes UllrichPre-Announced Adobe Reader and Acrobat Patch Found!
2010-01-07/a>Daniel WesemannStatic analysis of malicious PDFs
2010-01-07/a>Daniel WesemannStatic analysis of malicous PDFs (Part #2)
2009-12-15/a>Johannes UllrichAdobe 0-day in the wild - again
2009-12-09/a>Swa FrantzenAdobe flash player and air patched
2009-12-03/a>Mark HofmanNext week will be a big patch week - Adobe is also releasing patches "Adobe is planning to release an update for Adobe Flash Player 10.0.32.18 and earlier versions, and an update to Adobe AIR 1.5.2 and earlier versions, to resolve critical security issues
2009-11-03/a>Bojan ZdrnjaAdobe released Shockwave Player 11.5.2.602 which fixes several critical security vulnerabilities
2009-10-13/a>Daniel WesemannAdobe Reader and Acrobat - Black Tuesday continues
2009-10-08/a>Johannes UllrichNew Adobe Vulnerability Exploited in Targeted Attacks
2009-08-18/a>Deborah HaleSecurity Bulletin for ColdFusion and JRun
2009-07-31/a>Deborah HaleAdobe Patch is out
2009-07-22/a>Bojan ZdrnjaYA0D (Yet Another 0-Day) in Adobe Flash player
2009-06-24/a>Kyle HaugsnessAdobe Shockwave Player Update
2009-06-09/a>Swa FrantzenAdobe June Black Tuesday upgrades
2009-05-24/a>Raul SilesAnalyzing malicious PDF documents
2009-05-22/a>Mark HofmanPatching and Adobe
2009-05-12/a>Swa FrantzenAdobe Acrobat (reader) patches released
2009-05-01/a>Adrien de BeaupreAdobe Flash Media Server privilege escalation security bulletin
2009-04-29/a>Jason LamTwo Adobe 0-day vulnerabilities
2009-04-20/a>Jason LamDigital Content on TV
2009-03-18/a>Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-03-10/a>Swa FrantzenAdobe Acrobat 9.1 released
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2009-02-25/a>Andre LudwigAdobe flash player patch
2009-02-25/a>Andre LudwigPreview/Iphone/Linux pdf issues
2008-12-05/a>Daniel WesemannBeen updatin' your Flash player lately?
2008-11-17/a>Jim ClausingCritical update to Adobe AIR
2008-11-11/a>Swa FrantzenAcrobat continued activity in the wild
2008-11-06/a>Joel EslerMore Adobe Updates
2008-10-15/a>Mari NicholsAdobe Flash 10 Released
2008-07-17/a>Mari NicholsAdobe Reader 9 Released
2008-07-11/a>Raul SilesHow to Determine if Adobe Acrobat or Reader 8.1.2 Security Update 1 is Installed?
2008-05-27/a>Adrien de BeaupreAdobe flash player vuln
2008-05-12/a>Scott FendleyAdobe Releases Security Updates
2008-04-09/a>Raul SilesCritical vulnerabilities in Adobe Flash Player
2008-03-20/a>Joel EslerPotential Vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8?
2008-03-12/a>Joel EslerAdobe security updates
2006-11-29/a>Toby KohlenbergNew Adobe vulnerability
2006-11-14/a>Jim ClausingMS06-069: Adobe Flash Player
2006-11-14/a>Swa FrantzenAdobe Flash update available
2006-09-12/a>Swa FrantzenAdobe Flash player upgrade time

PDF

2019-04-01/a>Didier StevensAnalysis of PDFs Created with OpenOffice/LibreOffice
2019-02-14/a>Xavier MertensSuspicious PDF Connecting to a Remote SMB Share
2018-08-12/a>Didier StevensA URL shortener handy for phishers
2018-01-15/a>Didier StevensDecrypting malicious PDFs with the key
2018-01-02/a>Didier StevensPDF documents & URLs: video
2017-12-24/a>Didier StevensPDF documents & URLs: update
2017-12-23/a>Didier StevensEncrypted PDFs
2017-11-05/a>Didier StevensExtracting the text from PDF documents
2017-11-04/a>Didier StevensPDF documents & URLs
2017-04-23/a>Didier StevensMalicious Documents: A Bit Of News
2016-01-01/a>Didier StevensFailure Is An Option
2015-09-19/a>Didier StevensDon't launch that file Adobe Reader!
2015-08-28/a>Didier StevensTest File: PDF With Embedded DOC Dropping EICAR
2015-08-26/a>Didier StevensPDF + maldoc1 = maldoc2
2015-04-19/a>Didier StevensHandling Special PDF Compression Methods
2013-02-17/a>Guy BruneauAdobe Acrobat and Reader Security Update Planned this Week
2013-02-13/a>Swa FrantzenMore adobe reader and acrobat (PDF) trouble
2011-07-10/a>Raul SilesJailbreakme Takes Advantage of 0-day PDF Vuln in Apple iOS Devices
2011-03-29/a>Daniel WesemannMalware emails with fake cellphone invoice
2011-03-09/a>Kevin ShorttAVG Anti-Virus 2011 False Positives - Luhe.Exploit.PDF.B
2011-01-13/a>Rob VandenBrinkBlackberry BES Server Updates for PDF Vulnerabilities
2010-12-15/a>Manuel Humberto Santander PelaezVulnerability in the PDF distiller of the BlackBerry Attachment Service
2010-09-26/a>Daniel WesemannPDF analysis paper
2010-09-02/a>Daniel WesemannSDF, please!
2010-08-22/a>Manuel Humberto Santander PelaezAnatomy of a PDF exploit
2010-08-06/a>Rob VandenBrinkFOXIT PDF Reader update to resolve iPhone/iPad Jailbreak issue ==> http://www.foxitsoftware.com/announcements/2010861227.html
2010-08-05/a>Manuel Humberto Santander PelaezAdobe Acrobat Font Parsing Integer Overflow Vulnerability
2010-07-04/a>Manuel Humberto Santander PelaezMalware inside PDF Files
2010-06-09/a>Deborah HaleBest Practice to Prevent PDF Attacks
2010-04-22/a>John BambenekData Redaction: You're Doing it Wrong
2010-04-08/a>Bojan ZdrnjaJavaScript obfuscation in PDF: Sky is the limit
2010-03-31/a>Johannes UllrichPDF Arbitrary Code Execution - vulnerable by design.
2010-01-15/a>Kevin ListonClearing some things up about Adobe
2010-01-14/a>Bojan ZdrnjaPDF Babushka
2010-01-05/a>Guy BruneauNew poll on handling PDF documents
2010-01-04/a>Bojan ZdrnjaSophisticated, targeted malicious PDF documents exploiting CVE-2009-4324
2009-12-15/a>Johannes UllrichAdobe 0-day in the wild - again
2009-12-01/a>Chris CarboniVulnerabilities in the PDF distiller of the BlackBerry Attachment Service
2009-05-29/a>Lorna HutchesonBlackberry Server Vulnerability
2009-05-24/a>Raul SilesAnalyzing malicious PDF documents
2009-03-18/a>Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2009-02-25/a>Andre LudwigPreview/Iphone/Linux pdf issues
2008-11-11/a>Swa FrantzenAcrobat continued activity in the wild
2008-11-10/a>Stephen HallAdobe Reader Vulnerability - part 2
2008-09-03/a>Daniel WesemannStatic analysis of Shellcode
2008-07-15/a>Maarten Van HorenbeeckExtracting scripts and data from suspect PDF files
2008-04-24/a>Maarten Van HorenbeeckTargeted attacks using malicious PDF files

EXPLOIT

2018-12-23/a>Guy BruneauScanning Activity, end Goal is to add Hosts to Mirai Botnet
2018-11-23/a>Didier StevensVideo: Dissecting a CVE-2017-11882 Exploit
2018-09-24/a>Didier StevensAnalyzing Encoded Shellcode with scdbg
2018-06-05/a>Xavier MertensMalicious Post-Exploitation Batch File
2018-05-20/a>Didier StevensDASAN GPON home routers exploits in-the-wild
2018-05-03/a>Renato MarinhoWebLogic Exploited in the Wild (Again)
2017-09-30/a>Lorna HutchesonWho's Borrowing your Resources?
2017-09-10/a>Didier StevensAnalyzing JPEG files
2017-02-25/a>Guy BruneauUnpatched Microsoft Edge and IE Bug
2017-01-07/a>Xavier MertensUsing Security Tools to Compromize a Network
2016-04-21/a>Daniel WesemannDecoding Pseudo-Darkleech (#1)
2016-03-13/a>Guy BruneauA Look at the Mandiant M-Trends 2016 Report
2015-07-27/a>Daniel WesemannAngler's best friends
2015-03-10/a>Brad DuncanThreatglass has pcap files with exploit kit activity
2015-02-04/a>Alex StanfordExploit Kit Evolution - Neutrino
2014-08-16/a>Lenny ZeltserWeb Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability
2014-07-22/a>Daniel WesemannIvan's Order of Magnitude
2014-02-28/a>Daniel WesemannFiesta!
2014-02-13/a>Johannes UllrichLinksys Worm ("TheMoon") Captured
2014-02-12/a>Johannes UllrichSuspected Mass Exploit Against Linksys E1000 / E1200 Routers
2013-10-01/a>John Bambenek*Metaspoit Releases Module to Exploit Unpatched IE Vuln CVE-2013-3893
2013-09-20/a>Russ McReeThreat Level Yellow: Protection recommendations regarding Internet Explorer exploits in the wild
2013-05-22/a>Adrien de BeauprePrivilege escalation, why should I care?
2013-02-21/a>Pedro BuenoNBC site redirecting to Exploit kit
2013-02-17/a>Guy BruneauAdobe Acrobat and Reader Security Update Planned this Week
2013-02-13/a>Swa FrantzenMore adobe reader and acrobat (PDF) trouble
2013-01-05/a>Guy BruneauAdobe ColdFusion Security Advisory
2013-01-04/a>Guy Bruneau"FixIt" Patch for CVE-2012-4792 Bypassed
2012-12-10/a>Johannes UllrichYour CPA License has not been revoked
2012-12-02/a>Guy BruneauZero Day MySQL Buffer Overflow
2012-08-05/a>Daniel WesemannPhishing for Payroll with unpatched Java
2012-07-19/a>Mark BaggettA Heap of Overflows?
2012-06-18/a>Guy BruneauCVE-2012-1875 exploit is now available
2012-05-05/a>Tony CarothersVulnerability Exploit for Snow Leopard
2012-04-26/a>Richard PorterPacketstorm Security and Metasploit have Exploit code for MS12-027
2012-03-11/a>Johannes UllrichAn Analysis of Jester's QR Code Attack. (Guest Diary)
2011-12-08/a>Adrien de BeaupreNewest Adobe Flash 11.1.102.55 and Previous 0 Day Exploit
2011-12-06/a>Pedro BuenoThe RedRet connection...
2011-11-22/a>Pedro BuenoUpdates on ZeroAccess and BlackHole front...
2011-10-13/a>Johannes UllrichCritical OS X Vulnerability Patched
2011-05-06/a>Richard PorterUpdated Exploit Index for Microsoft
2011-03-29/a>Daniel WesemannMalware emails with fake cellphone invoice
2011-03-15/a>Lenny ZeltserLimiting Exploit Capabilities by Using Windows Integrity Levels
2011-03-09/a>Kevin ShorttAVG Anti-Virus 2011 False Positives - Luhe.Exploit.PDF.B
2011-02-16/a>Jason LamWindows 0-day SMB mrxsmb.dll vulnerability
2010-12-27/a>Johannes UllrichVarious sites "Owned and Exposed"
2010-12-13/a>Deborah HaleThe Week to Top All Weeks
2010-12-02/a>Kevin JohnsonProFTPD distribution servers compromised
2010-11-01/a>Manuel Humberto Santander PelaezCVE-2010-3654 exploit in the wild
2010-09-26/a>Daniel WesemannPDF analysis paper
2010-09-14/a>Adrien de BeaupreAdobe Flash v10.1.82.76 and earlier vulnerability in-the-wild
2010-09-13/a>Manuel Humberto Santander Pelaez Enhanced Mitigation Experience Toolkit can block Adobe 0-day exploit
2010-09-13/a>Manuel Humberto Santander PelaezAdobe SING table parsing exploit (CVE-2010-2883) in the wild
2010-09-02/a>Daniel WesemannSDF, please!
2010-08-22/a>Manuel Humberto Santander PelaezAnatomy of a PDF exploit
2010-06-15/a>Manuel Humberto Santander PelaezMicrosoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild
2010-06-06/a>Manuel Humberto Santander PelaezNice OS X exploit tutorial
2010-05-23/a>Manuel Humberto Santander PelaezOracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability
2010-04-10/a>Andre LudwigNew bug/exploit for javaws
2010-02-08/a>Adrien de BeaupreWhen is a 0day not a 0day? Fake OpenSSh exploit, again.
2010-01-24/a>Pedro BuenoOutdated client applications
2010-01-19/a>Johannes UllrichUnpatched Microsoft Windows (all versions) Privilege Escalation Vulnerability Released
2010-01-12/a>Adrien de BeauprePoC for CVE-2009-0689 MacOS X 10.5/10.6 vulnerability
2009-12-05/a>Guy BruneauJava JRE Buffer and Integer Overflow
2009-11-16/a>G. N. WhiteReports of a successful exploit of the SSL Renegotiation Vulnerability?
2009-11-14/a>Adrien de BeaupreMicrosoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released
2009-11-12/a>Rob VandenBrinkWindows 7 / Windows Server 2008 Remote SMB Exploit
2009-10-21/a>Pedro BuenoWordPress Hardening
2009-09-16/a>Bojan ZdrnjaSMB2 remote exploit released
2009-08-31/a>Pedro BuenoMicrosoft IIS 5/6 FTP 0Day released
2009-08-18/a>Bojan ZdrnjaMS09-039 exploit in the wild?
2009-07-16/a>Bojan ZdrnjaOWC exploits used in SQL injection attacks
2009-07-15/a>Bojan ZdrnjaMake sure you update that Java
2009-07-13/a>Adrien de Beaupre* Infocon raised to yellow for Excel Web Components ActiveX vulnerability
2009-07-10/a>Guy BruneauWordPress Fixes Multiple vulnerabilities
2009-07-09/a>Bojan ZdrnjaOpenSSH 0day FUD
2009-06-12/a>Adrien de BeaupreGreen Dam
2009-06-08/a>Chris CarboniKloxo (formerly Lxadmin) Vulnerability Exploited
2009-05-06/a>Tom ListonFollow The Bouncing Malware: Gone With the WINS
2009-04-24/a>Pedro BuenoDid you check your conference goodies?
2009-04-14/a>Swa FrantzenVMware exploits - just how bad is it ?
2009-03-19/a>Mark HofmanBrowsers Tumble at CanSecWest
2009-03-18/a>Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2009-02-25/a>Andre LudwigPreview/Iphone/Linux pdf issues
2008-08-26/a>John BambenekActive attacks using stolen SSH keys (UPDATED)
2008-05-07/a>Jim ClausingMore on automated exploit generation
2008-05-05/a>John BambenekDefenses Against Automated Patch-Based Exploit Generation
2008-04-24/a>Maarten Van HorenbeeckTargeted attacks using malicious PDF files
2008-04-18/a>John BambenekThe Patch Window is Gone: Automated Patch-Based Exploit Generation
2008-04-10/a>Deborah HaleSymantec Threatcon Level 2
2006-11-20/a>Joel EslerMS06-070 Remote Exploit

0DAY

2018-02-01/a>Johannes UllrichAdobe Flash 0-Day Used Against South Korean Targets
2016-08-25/a>Xavier MertensOut-of-Band iOS Patch Fixes 0-Day Vulnerabilities
2016-04-06/a>Bojan ZdrnjaYAFP (Yet Another Flash Patch)
2015-02-05/a>Johannes UllrichAdobe Flash Player Update Released, Fixing CVE 2015-0313
2015-01-23/a>Adrien de BeaupreInfocon change to yellow for Adobe Flash issues
2014-07-28/a>Johannes UllrichInteresting HTTP User Agent "chroot-apach0day"
2014-05-21/a>John BambenekNew, Unpatched IE 0 Day published at ZDI
2013-08-28/a>Bojan ZdrnjaMS13-056 (false positive)? alerts
2013-05-09/a>John BambenekAdobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html
2013-02-07/a>John BambenekAdobe Releases Patches for 0-day Vulnerability in Flash Player for Windows and Mac, Upgrade now: http://www.adobe.com/support/security/bulletins/apsb13-04.html
2011-12-29/a>Richard PorterASP.Net Vulnerability
2011-11-16/a>Jason LamPotential 0-day on Bind 9
2011-05-06/a>Richard PorterUnpatched Exploit: Skype for MAC
2010-12-22/a>John BambenekIIS 7.5 0-Day DoS (processing FTP requests)
2010-11-24/a>Bojan ZdrnjaPrivilege escalation 0-day in almost all Windows versions
2010-11-01/a>Manuel Humberto Santander PelaezCVE-2010-3654 exploit in the wild
2010-10-28/a>Manuel Humberto Santander PelaezCVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability
2010-10-26/a>Pedro BuenoFirefox news
2010-03-01/a>Mark HofmanIE 0-day using .hlp files
2010-02-09/a>Adrien de BeaupreWhen is a 0day not a 0day? Samba symlink bad default config
2010-01-14/a>Bojan Zdrnja0-day vulnerability in Internet Explorer 6, 7 and 8
2010-01-12/a>Johannes UllrichPre-Announced Adobe Reader and Acrobat Patch Found!
2010-01-07/a>Daniel WesemannStatic analysis of malicous PDFs (Part #2)
2010-01-07/a>Daniel WesemannStatic analysis of malicious PDFs
2009-12-27/a>Patrick NolanPressure increasing for Microsoft to patch IIS 0 day
2009-12-15/a>Johannes UllrichAdobe 0-day in the wild - again
2009-11-22/a>Marcus SachsIE6 and IE7 0-Day Reported
2009-09-08/a>Adrien de BeaupreMicrosoft Security Advisory 975191 Revised
2009-09-04/a>Adrien de BeaupreVulnerabilities (plural) in MS IIS FTP Service 5.0, 5.1. 6.0, 7.0
2009-08-31/a>Pedro BuenoMicrosoft IIS 5/6 FTP 0Day released
2009-07-22/a>Bojan ZdrnjaYA0D (Yet Another 0-Day) in Adobe Flash player
2009-07-17/a>Bojan ZdrnjaA new fascinating Linux kernel vulnerability
2009-04-29/a>Jason LamTwo Adobe 0-day vulnerabilities
2009-03-18/a>Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2008-12-12/a>Johannes UllrichMSIE 0-day Spreading Via SQL Injection
2008-12-12/a>Kevin ListonIE7 0day expanded to include IE6 and IE8(beta)
2008-12-10/a>Bojan Zdrnja0-day exploit for Internet Explorer in the wild
2006-11-29/a>Toby KohlenbergWeek of Oracle bugs cancelled
2006-09-28/a>Swa FrantzenPowerpoint, yet another new vulnerability
2006-09-28/a>Swa FrantzenMSIE: One patched, one pops up again (setslice)
2006-09-22/a>Swa FrantzenYellow: MSIE VML exploit spreading
2006-09-19/a>Swa FrantzenYet another MSIE 0-day: VML
2006-09-15/a>Swa FrantzenMSIE DirectAnimation ActiveX 0-day update

0DAY

2018-02-01/a>Johannes UllrichAdobe Flash 0-Day Used Against South Korean Targets
2016-08-25/a>Xavier MertensOut-of-Band iOS Patch Fixes 0-Day Vulnerabilities
2016-04-06/a>Bojan ZdrnjaYAFP (Yet Another Flash Patch)
2015-02-05/a>Johannes UllrichAdobe Flash Player Update Released, Fixing CVE 2015-0313
2015-01-23/a>Adrien de BeaupreInfocon change to yellow for Adobe Flash issues
2014-07-28/a>Johannes UllrichInteresting HTTP User Agent "chroot-apach0day"
2014-05-21/a>John BambenekNew, Unpatched IE 0 Day published at ZDI
2013-08-28/a>Bojan ZdrnjaMS13-056 (false positive)? alerts
2013-05-09/a>John BambenekAdobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html
2013-02-07/a>John BambenekAdobe Releases Patches for 0-day Vulnerability in Flash Player for Windows and Mac, Upgrade now: http://www.adobe.com/support/security/bulletins/apsb13-04.html
2011-12-29/a>Richard PorterASP.Net Vulnerability
2011-11-16/a>Jason LamPotential 0-day on Bind 9
2011-05-06/a>Richard PorterUnpatched Exploit: Skype for MAC
2010-12-22/a>John BambenekIIS 7.5 0-Day DoS (processing FTP requests)
2010-11-24/a>Bojan ZdrnjaPrivilege escalation 0-day in almost all Windows versions
2010-11-01/a>Manuel Humberto Santander PelaezCVE-2010-3654 exploit in the wild
2010-10-28/a>Manuel Humberto Santander PelaezCVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability
2010-10-26/a>Pedro BuenoFirefox news
2010-03-01/a>Mark HofmanIE 0-day using .hlp files
2010-02-09/a>Adrien de BeaupreWhen is a 0day not a 0day? Samba symlink bad default config
2010-01-14/a>Bojan Zdrnja0-day vulnerability in Internet Explorer 6, 7 and 8
2010-01-12/a>Johannes UllrichPre-Announced Adobe Reader and Acrobat Patch Found!
2010-01-07/a>Daniel WesemannStatic analysis of malicous PDFs (Part #2)
2010-01-07/a>Daniel WesemannStatic analysis of malicious PDFs
2009-12-27/a>Patrick NolanPressure increasing for Microsoft to patch IIS 0 day
2009-12-15/a>Johannes UllrichAdobe 0-day in the wild - again
2009-11-22/a>Marcus SachsIE6 and IE7 0-Day Reported
2009-09-08/a>Adrien de BeaupreMicrosoft Security Advisory 975191 Revised
2009-09-04/a>Adrien de BeaupreVulnerabilities (plural) in MS IIS FTP Service 5.0, 5.1. 6.0, 7.0
2009-08-31/a>Pedro BuenoMicrosoft IIS 5/6 FTP 0Day released
2009-07-22/a>Bojan ZdrnjaYA0D (Yet Another 0-Day) in Adobe Flash player
2009-07-17/a>Bojan ZdrnjaA new fascinating Linux kernel vulnerability
2009-04-29/a>Jason LamTwo Adobe 0-day vulnerabilities
2009-03-18/a>Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2008-12-12/a>Johannes UllrichMSIE 0-day Spreading Via SQL Injection
2008-12-12/a>Kevin ListonIE7 0day expanded to include IE6 and IE8(beta)
2008-12-10/a>Bojan Zdrnja0-day exploit for Internet Explorer in the wild
2006-11-29/a>Toby KohlenbergWeek of Oracle bugs cancelled
2006-09-28/a>Swa FrantzenPowerpoint, yet another new vulnerability
2006-09-28/a>Swa FrantzenMSIE: One patched, one pops up again (setslice)
2006-09-22/a>Swa FrantzenYellow: MSIE VML exploit spreading
2006-09-19/a>Swa FrantzenYet another MSIE 0-day: VML
2006-09-15/a>Swa FrantzenMSIE DirectAnimation ActiveX 0-day update

ACROBAT

2016-03-08/a>Rick WannerCritical Adobe Updates - March 2016
2015-10-09/a>Guy BruneauAdobe Acrobat and Reader Pre-Announcement
2014-08-12/a>Adrien de BeaupreAdobe updates for 2014/08
2013-02-17/a>Guy BruneauAdobe Acrobat and Reader Security Update Planned this Week
2013-02-13/a>Swa FrantzenMore adobe reader and acrobat (PDF) trouble
2013-01-09/a>Rob VandenBrinkSecurity Updates for Adobe Reader / Acrobat - http://www.adobe.com/support/security/bulletins/apsb13-02.html
2012-04-10/a>Swa FrantzenAdobe April 2012 Black Tuesday Update
2011-12-07/a>Lenny ZeltserAdobe Acrobat Latest Zero-Day Vulnerability Fix Coming to All Platforms by January 10
2011-09-09/a>Guy BruneauAdobe plan to release critical security updates next Tuesday for Acrobat and Reader http://www.adobe.com/support/security/bulletins/apsb11-24.html
2011-04-21/a>Guy BruneauAdobe Reader and Acrobat Security Updates
2011-03-29/a>Daniel WesemannMalware emails with fake cellphone invoice
2011-03-22/a>Kevin ShorttAdobe Reader/Acrobat Security Update - http://www.adobe.com/support/security/bulletins/apsb11-06.html
2010-11-16/a>Guy BruneauAcrobat and Adobe Reader Security Update
2010-09-12/a>Manuel Humberto Santander PelaezAdobe Acrobat pushstring Memory Corruption paper
2010-08-18/a>Guy BruneauAdobe out-of-cycle Updates
2010-06-05/a>Guy BruneauSecurity Advisory for Flash Player, Adobe Reader and Acrobat
2010-04-13/a>Adrien de BeaupreSecurity update available for Adobe Reader and Acrobat
2010-02-16/a>Robert DanfordAdobe Updates: http://www.adobe.com/support/security/bulletins/apsb10-07.html http://www.adobe.com/support/security/bulletins/apsb10-06.html
2010-01-12/a>Johannes UllrichPre-Announced Adobe Reader and Acrobat Patch Found!
2010-01-07/a>Daniel WesemannStatic analysis of malicious PDFs
2010-01-07/a>Daniel WesemannStatic analysis of malicous PDFs (Part #2)
2009-10-13/a>Daniel WesemannAdobe Reader and Acrobat - Black Tuesday continues
2009-05-24/a>Raul SilesAnalyzing malicious PDF documents
2009-05-04/a>Tom ListonAdobe Reader/Acrobat Critical Vulnerability
2009-04-29/a>Jason LamTwo Adobe 0-day vulnerabilities
2009-03-10/a>Swa FrantzenAdobe Acrobat 9.1 released
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2008-11-11/a>Swa FrantzenAcrobat continued activity in the wild
2008-06-24/a>Jason LamAdobe Reader and Acrobat 8.1.2 Security Update
2008-04-24/a>Maarten Van HorenbeeckTargeted attacks using malicious PDF files
2006-11-29/a>Toby KohlenbergNew Adobe vulnerability

JS

2018-07-15/a>Didier StevensVideo: Retrieving and processing JSON data (BTC example)
2018-07-14/a>Didier StevensRetrieving and processing JSON data (BTC example)
2017-11-13/a>Guy Bruneaujsonrpc Scanning for root account
2016-12-13/a>Xavier MertensUAC Bypass in JScript Dropper
2016-08-28/a>Guy BruneauSpam with Obfuscated Javascript
2015-11-09/a>John BambenekProtecting Users and Enterprises from the Mobile Malware Threat
2012-06-25/a>Guy BruneauUsing JSDetox to Analyze and Deobfuscate Javascript
2009-05-18/a>Rick WannerJSRedir-R/Gumblar badness
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!

JAVASCRIPT

2019-02-07/a>Xavier Mertens Phishing Kit with JavaScript Keylogger
2018-07-13/a>Xavier MertensCryptominer Delivered Though Compromized JavaScript File
2018-06-18/a>Xavier MertensMalicious JavaScript Targeting Mobile Browsers
2017-06-22/a>Xavier MertensObfuscating without XOR
2017-03-24/a>Xavier MertensNicely Obfuscated JavaScript Sample
2017-03-04/a>Xavier MertensHow your pictures may affect your website reputation
2017-02-12/a>Xavier MertensAnalysis of a Suspicious Piece of JavaScript
2016-08-28/a>Guy BruneauSpam with Obfuscated Javascript
2016-06-18/a>Rob VandenBrinkControlling JavaScript Malware Before it Runs
2016-02-20/a>Didier StevensLocky: JavaScript Deobfuscation
2016-02-07/a>Xavier MertensMore Malicious JavaScript Obfuscation
2016-01-15/a>Xavier MertensJavaScript Deobfuscation Tool
2015-08-07/a>Tony CarothersCritical Firefox Update Today
2014-08-29/a>Johannes UllrichFalse Positive or Not? Difficult to Analyze Javascript
2014-07-02/a>Johannes UllrichSimple Javascript Extortion Scheme Advertised via Bing
2013-08-07/a>Johannes UllrichFirefox 23 and Mixed Active Content
2013-04-23/a>Russ McReeMicrosoft's Security Intelligence Report (SIRv14) released
2013-02-08/a>Kevin ShorttIs it Spam or Is it Malware?
2012-06-25/a>Guy BruneauUsing JSDetox to Analyze and Deobfuscate Javascript
2012-05-22/a>Johannes Ullrichnmap 6 released
2012-04-25/a>Daniel WesemannBlacole's obfuscated JavaScript
2012-01-22/a>Johannes UllrichJavascript DDoS Tool Analysis
2012-01-03/a>Bojan ZdrnjaThe tale of obfuscated JavaScript continues
2011-12-07/a>Lenny ZeltserV8 as an Alternative to SpiderMonkey for JavaScript Deobfuscation
2011-06-06/a>Manuel Humberto Santander PelaezPhishing: Same goal, same techniques and people still falling for such scams
2011-04-23/a>Manuel Humberto Santander PelaezImage search can lead to malware download
2010-12-02/a>Kevin JohnsonRobert Hansen and our happiness
2010-07-04/a>Manuel Humberto Santander PelaezMalware inside PDF Files
2010-03-05/a>Kyle HaugsnessJavascript obfuscators used in the wild
2009-05-04/a>Tom ListonAdobe Reader/Acrobat Critical Vulnerability
2009-04-07/a>Bojan ZdrnjaAdvanced JavaScript obfuscation (or why signature scanning is a failure)
2009-04-02/a>Bojan ZdrnjaJavaScript insertion and log deletion attack tools
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2008-07-14/a>Daniel WesemannObfuscated JavaScript Redux
2008-06-30/a>Marcus SachsMore SQL Injection with Fast Flux hosting
2008-05-20/a>Raul SilesList of malicious domains inserted through SQL injection
2008-04-06/a>Daniel WesemannAdvanced obfuscated JavaScript analysis
2008-04-03/a>Bojan ZdrnjaMixed (VBScript and JavaScript) obfuscation