Following our recent posting of an Apple Quicktime 0-day vulnerability, Websense Security Labs™ ThreatSeeker™ Network has discovered exploitation of this vulerability in the wild. We have protected customers from this vulnerability for at least a month now, and also provide real-time protection for customers using ACE.

Here is a screenshot of the attack page that shows the call to the vulnerable Quicktime function:

View full post on Security Labs

• New IE 0-Day used in Targeted Attacks
  Things have been pretty rough in the Response world the past few weeks. The number of exploits taking advantage of unknown and unpatched vulnerabilities has been breathtaking. One such case started f...
• New Adobe 0day exploit in the wild
  Early this week Adobe released a new security advisory about a critical vulnerability found in their Adobe Acrobat and Acrobat reader applications. Even the Internet Storm Center issued a security ad...
• Adobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory, (Wed, Sep 8th)
  We just received word that there is a report of a 0-day exploit for Adobe Acrobat/Reader being exploited in the wild. Secunia has a brief write up and here is the link to the original advisory. The ex...
• Apple QuickTime “_MARSHALED_PUNK” 0-day
  Yesterday we received reports about a flaw in Apple's QuickTime player. According to the reports, this flaw can potentially allow an attacker to exploit the user's machine through the browser ...
• Adobe 0-day used in mass injections
  Unfortunately it was only a matter of time. Until today the latest Adobe 0-day vulnerability (CVE-2010-1297) had only been used in targeted attacks. That changed a few hours ago when we started seeing...
• How the Adobe 0-day is used in attacks
  Matt Oh posted a great blog post yesterday about how the Adobe 0-day vulnerability works (CVE-2010-1297) and today we'll take a look at how the vulnerability is used in a live attack and how the W...
• 0-Day Attack in the Wild for Adobe Flash, Reader, and Acrobat
  We have confirmed the attacks that are exploiting the vulnerability (CVE-2010-1297) Adobe announced on its security advisory are in the wild.   The exploit takes advantage of an unpatched v...
• Adobe CVE-2009-4324 in the wild – (0day) – part 0
  A quick analysis (This post is under update):Something more from other site:A detailed CVE-2009-4324 analysis (many thanks vrt-sourcefire team :) ) :VRT-Sourcefirehttp://vrt-sourcefire.blogspot.com/2...
• Adobe CVE-2009-4324 in the wild – (0day) – part 0.1 – browsing C&Cs
  "playing" with one of the URL, run by a C & C (see previous post http://extraexploit.blogspot.com/2009/12/adobe-cve-2009-4324-in-wild.html) you can access some path in which are content folder names m...
• Adobe CVE-2009-4324 in the wild – (0day) – part 0.2 – shellcode and site down
  It seem that the spreading infrastructure it's down (or may be the admins has change domains or paths as well ). Anyway the following screenshots shown the shell code embedded in one of the well know ...