A man arrested in Thailand this week on charges of stealing millions from online bank accounts fits the profile of a miscreant nicknamed "bx1," a hacker fingered by Microsoft as a major operator of botnets powered by the ZeuS banking trojan.
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/D_NUNHSTfy8/
Zero-Day Java Exploit Debuts in Crimeware
The hackers who maintain Blackhole and Nuclear Pack – competing crimeware products that are made to be stitched into hacked sites and use browser flaws to foist malware — say they’ve added a brand new exploit that attacks a previously unknown and currently unpatched security hole in Java.
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/x8J2sRZ5128/
Vuln: Microsoft .NET Framework CVE-2013-0004 Remote Privilege Escalation Vulnerability
"With years of experience and valuable insights from our cloud based application security testing, we thought of conducting a study to discover the prevailing website vulnerability trends. The study is based on our original research on more than 5000 tests covering 300+ customers distributed globally. How was the study conducted?..."
http://www.ivizsecurity.com/blog/penetration-testing/web-application-vulnerability-statistics-of-2012/