Zero-Day

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

exploited, Featured, Ivanti, Malware & Threats, Zero-Day /

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins 2024-01-16 at 12:46 By Eduard Kovacs The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech. The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek. This article […]

React to this headline:

Loading spinner

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins Read More »

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout

China, espionage, Ivanti, Malware & Threats, Zero-Day /

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout 2024-01-12 at 13:16 By Eduard Kovacs Ivanti zero-day vulnerabilities dubbed ConnectAround could impact thousands of systems and Chinese cyberspies are preparing for patch release. The post Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout Read More »

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days

Ivanti, Nation-State, Volexity, VPN, Vulnerabilities, Zero-Day /

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days 2024-01-11 at 00:01 By Ryan Naraine Ivanti confirms active zero-day exploits, ships pre-patch mitigations, but says comprehensive fixes won’t be available until January 22. The post Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days Read More »

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ

Barracuda, China, Malware & Threats, Zero-Day /

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ 2023-12-28 at 13:01 By Eduard Kovacs The new Barracuda ESG zero-day CVE-2023-7102 has been used by Chinese hackers to target organizations in the US and APJ region. The post Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ appeared first on SecurityWeek.

React to this headline:

Loading spinner

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ Read More »

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day

Barracuda, email security, Featured, Malware & Threats, Zero-Day /

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day 2023-12-27 at 13:16 By Eduard Kovacs Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances. The post Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day Read More »

Google Rushes to Patch Eighth Chrome Zero-Day This Year

Chrome, Featured, Vulnerabilities, Zero-Day /

Google Rushes to Patch Eighth Chrome Zero-Day This Year 21/12/2023 at 13:48 By Ionut Arghire Google warns of in-the-wild exploitation of CVE-2023-7024, a new Chrome vulnerability, the eighth documented this year. The post Google Rushes to Patch Eighth Chrome Zero-Day This Year appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Google Rushes to Patch Eighth Chrome Zero-Day This Year Read More »

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE

Akamai, Malware & Threats, Microsoft, Microsoft Outlook, Vulnerabilities, Zero-Day /

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE 19/12/2023 at 23:55 By Ionut Arghire Akamai researchers document more vulnerabilities and patch bypasses leading to zero-click remote code execution in Microsoft Outlook. The post Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE Read More »

Apple Sets Trap to Catch iMessage Impersonators

Featured, iMessage, iOS 17.2, macOS 14.2, Mobile & Wireless, Nation-State, nso group, Zero-Day /

Apple Sets Trap to Catch iMessage Impersonators 12/12/2023 at 20:33 By Ryan Naraine New iMessage Contact Key Verification feature in Apple’s iOS and macOS platforms help catch impersonators on its iMessage service. The post Apple Sets Trap to Catch iMessage Impersonators appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Apple Sets Trap to Catch iMessage Impersonators Read More »

Google Patches Seventh Chrome Zero-Day of 2023

Chrome, exploited, Featured, Vulnerabilities, Zero-Day /

Google Patches Seventh Chrome Zero-Day of 2023 29/11/2023 at 16:46 By Ionut Arghire The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023. The post Google Patches Seventh Chrome Zero-Day of 2023 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Google Patches Seventh Chrome Zero-Day of 2023 Read More »

UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws

Government, North Korea, Zero-Day /

UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws 27/11/2023 at 15:46 By Ionut Arghire UK and Korea say DPRK state-sponsored hackers targeted governments, defense organizations via supply chain attacks. The post UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws Read More »

SysAid Zero-Day Vulnerability Exploited by Ransomware Group

Cl0p, exploited, Ransomware, SysAid, Vulnerabilities, Zero-Day /

SysAid Zero-Day Vulnerability Exploited by Ransomware Group 09/11/2023 at 13:32 By Eduard Kovacs CVE-2023-47246 zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates. The post SysAid Zero-Day Vulnerability Exploited by Ransomware Group appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

SysAid Zero-Day Vulnerability Exploited by Ransomware Group Read More »

Apache ActiveMQ Vulnerability Exploited as Zero-Day

exploited, Malware & Threats, Zero-Day /

Apache ActiveMQ Vulnerability Exploited as Zero-Day 04/11/2023 at 19:31 By Eduard Kovacs The recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 has been exploited as a zero-day since at least October 10. The post Apache ActiveMQ Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Apache ActiveMQ Vulnerability Exploited as Zero-Day Read More »

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day

exploited, Malware & Threats, Roundcube, Russia, Zero-Day /

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day 25/10/2023 at 19:17 By Ionut Arghire Russian APT Winter Vivern exploits a zero-day in the Roundcube webmail server in attacks targeting European governments. The post Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day Read More »

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant

Cisco, Malware & Threats, Vulnerabilities, vulnerability, Zero-Day /

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant 24/10/2023 at 20:02 By Eduard Kovacs The number of Cisco devices hacked via recent zero-days remains high, but the attackers have updated their implant. The post Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant appeared first on

React to this headline:

Loading spinner

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant Read More »

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops

Cisco, Featured, Malware & Threats, Vulnerabilities, Zero-Day /

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops 23/10/2023 at 21:49 By Eduard Kovacs Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has started dropping. The post Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops appeared first

React to this headline:

Loading spinner

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops Read More »

Cisco Devices Compromised through IOS XE Zero-Day Vulnerability (CVE-2023-20198)

Cisco, Cisco IOS XE, CVE-2021-1435, CVE-2023-20198, vulnerability, Zero Day Vulnerability, Zero-Day /

Cisco Devices Compromised through IOS XE Zero-Day Vulnerability (CVE-2023-20198) 19/10/2023 at 16:02 By cybleinc Cyble Global Sensor Intelligence (CGSI) Networks observes the active exploitation of the Cisco IOS XE Zero-Day Vulnerability. The post Cisco Devices Compromised through IOS XE Zero-Day Vulnerability (CVE-2023-20198) appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

Cisco Devices Compromised through IOS XE Zero-Day Vulnerability (CVE-2023-20198) Read More »

Recent NetScaler Vulnerability Exploited as Zero-Day Since August

Citrix, exploited, Featured, Vulnerabilities, Zero-Day /

Recent NetScaler Vulnerability Exploited as Zero-Day Since August 18/10/2023 at 14:01 By Ionut Arghire Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August. The post Recent NetScaler Vulnerability Exploited as Zero-Day Since August appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Recent NetScaler Vulnerability Exploited as Zero-Day Since August Read More »

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability

Cisco, Featured, Malware & Threats, Zero-Day /

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability 18/10/2023 at 14:01 By Eduard Kovacs Tens of thousands of Cisco devices have reportedly been hacked via the exploitation of the zero-day vulnerability CVE-2023-20198. The post Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability Read More »

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

Cisco, exploited, Featured, Vulnerabilities, Zero-Day /

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability 17/10/2023 at 14:16 By Eduard Kovacs Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices.  The post Cisco Devices Hacked via IOS XE Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability Read More »

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History

DDoS, Featured, Network Security, Rapid Reset, Zero-Day /

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History 10/10/2023 at 17:02 By Eduard Kovacs A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history. The post ‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History appeared first on

React to this headline:

Loading spinner

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History Read More »

Scroll to Top