Microsoft has closed a great many flaws, including a 0-day abused by the Sandworm team, in November's Patch Tuesday.
The Dyre/Dyreza banking Trojan has lately become very popular with cyber criminals - so much so that the US-CERT has issued an alert warning about the danger.
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL injection vulnerability (CVE-2014-3704) on October 15, are advised to consider their site as potentially compromised and proceed to fix the issue.
The Sandworm vulnerability has been patched, but unfortunately attackers have discovered a way to bypass the patch and continue with their targeted attacks.
Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that has been patched only a week ago, the researcher that goes by the handle Kafeine has shared on Tuesday.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.