Zero-Day

Microsoft Patches Two Zero-Days Exploited for Malware Delivery

exploited, Malware & Threats, Vulnerabilities, Zero-Day /

Microsoft Patches Two Zero-Days Exploited for Malware Delivery 2024-04-10 at 13:27 By Eduard Kovacs Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware. The post Microsoft Patches Two Zero-Days Exploited for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source […]

React to this headline:

Loading spinner

Microsoft Patches Two Zero-Days Exploited for Malware Delivery Read More »

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz

CVE-2023-46805, CVE-2024-21887, Government, Ivanti, Nation-State, Pulse Secure, Vulnerabilities, Zero-Day /

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz 2024-04-04 at 22:31 By Ryan Naraine Ivanti releases a carefully scripted YouTube video and an open letter from chief executive Jeff Abbott vowing to fix the entire security organization. The post Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz Read More »

Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working

Google TAG, Lockdown Mode, Malware & Threats, Mandiant, Nation-State, Vulnerabilities, Zero-Day /

Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working 2024-03-27 at 17:01 By Ryan Naraine Despite a surge in zero-day attacks, data shows that security investments into OS and software exploit mitigations are forcing attackers to find new attack surfaces and bug patterns. The post Google Report: Despite Surge in Zero-Day Attacks, Exploit

React to this headline:

Loading spinner

Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working Read More »

Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own

Google Chrome, Malware & Threats, Pwn2Own, Vulnerabilities, Zero-Day /

Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own 2024-03-27 at 17:01 By Ionut Arghire Google ships a security-themed Chrome browser refresh to fix flaws exploited at the CanSecWest Pwn2Own hacking contest. The post Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own Read More »

Apple Blunts Zero-Day Attacks With iOS 17.4 Update

CVE-2024-23225, CVE-2024-23296, IOS 17.4, Mobile & Wireless, Vulnerabilities, Zero-Day /

Apple Blunts Zero-Day Attacks With iOS 17.4 Update 2024-03-05 at 23:01 By Ryan Naraine Apple rolls out urgent patches to fix multiple security flaws in its flagship iOS platform and warned about zero-day exploits in the wild. The post Apple Blunts Zero-Day Attacks With iOS 17.4 Update appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Apple Blunts Zero-Day Attacks With iOS 17.4 Update Read More »

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack

CVE-2024-21338, exploited, Featured, Lazarus, Malware & Threats, North Korea, Vulnerabilities, Windows, Zero-Day /

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack 2024-02-29 at 13:46 By Eduard Kovacs North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. The post Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack Read More »

Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers

Exchange, exploited, Vulnerabilities, Zero-Day /

Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers 2024-02-20 at 17:02 By Ionut Arghire Shadowserver Foundation has identified roughly 28,000 Microsoft Exchange servers impacted by a recent zero-day. The post Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers Read More »

Microsoft Warns of Exploited Exchange Server Zero-Day

Exchange, exploited, Microsoft Outlook, Vulnerabilities, Zero-Day /

Microsoft Warns of Exploited Exchange Server Zero-Day 2024-02-15 at 13:46 By Ionut Arghire Microsoft says a newly patched Exchange Server vulnerability (CVE-2024-21410) has been exploited in attacks. The post Microsoft Warns of Exploited Exchange Server Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Microsoft Warns of Exploited Exchange Server Zero-Day Read More »

Windows Zero-Day Exploited in Attacks on Financial Market Traders

Malware & Threats, Windows, Zero-Day /

Windows Zero-Day Exploited in Attacks on Financial Market Traders 2024-02-14 at 14:17 By Eduard Kovacs CVE-2024-21412, one of the security bypass zero-days fixed by Microsoft with Patch Tuesday updates, exploited by Water Hydra (DarkCasino). The post Windows Zero-Day Exploited in Attacks on Financial Market Traders appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Windows Zero-Day Exploited in Attacks on Financial Market Traders Read More »

Fortinet Warns of New FortiOS Zero-Day

exploited, Featured, Fortinet, Vulnerabilities, Zero-Day /

Fortinet Warns of New FortiOS Zero-Day 2024-02-09 at 13:46 By Eduard Kovacs Fortinet patches CVE-2024-21762, a critical remote code execution vulnerability that may have been exploited in the wild. The post Fortinet Warns of New FortiOS Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Fortinet Warns of New FortiOS Zero-Day Read More »

Google Links Over 60 Zero-Days to Commercial Spyware Vendors

Featured, Google, Government, spyware, Tracking & Law Enforcement, Zero-Day /

Google Links Over 60 Zero-Days to Commercial Spyware Vendors 2024-02-06 at 13:16 By Eduard Kovacs More than 60 of the Adobe, Google, Android, Microsoft, Mozilla and Apple zero-days that have come to light since 2016 attributed to spyware vendors.  The post Google Links Over 60 Zero-Days to Commercial Spyware Vendors appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Google Links Over 60 Zero-Days to Commercial Spyware Vendors Read More »

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products

CISA KEV, Ivanti, Malware & Threats, VPN, Vulnerabilities, Zero-Day /

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products 2024-02-01 at 19:01 By Ryan Naraine In an unprecedented move, CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. The post CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products appeared first

React to this headline:

Loading spinner

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products Read More »

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet

botnet, exploited, Malware & Threats, Zero-Day /

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet 2024-01-31 at 12:32 By Ionut Arghire Akamai flags six zero-day vulnerabilities in Hitron DVRs exploited to ensnare devices in the InfectedSlurs botnet. The post Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet Read More »

Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation

iOS 17.3, macOS Sonoma, Malware & Threats, Vulnerabilities, WebKit, Zero-Day /

Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation 2024-01-22 at 22:31 By Ryan Naraine Apple pushes out fresh versions of its iOS and macOS platforms to fix WebKit vulnerabilities being exploited as zero-day in the wild. The post Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation Read More »

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation

Citrix, exploited, Vulnerabilities, Zero-Day /

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation 2024-01-17 at 12:16 By Eduard Kovacs Citrix is aware of attacks exploiting two new NetScaler ADC and Gateway zero-day vulnerabilities tracked as CVE-2023-6548 and CVE-2023-6549. The post Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation Read More »

Google Warns of Chrome Browser Zero-Day Being Exploited

CVE-2024-0519, Featured, Google Chrome, V8 Engine, Vulnerabilities, Zero-Day /

Google Warns of Chrome Browser Zero-Day Being Exploited 2024-01-16 at 23:31 By Ryan Naraine The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine. The post Google Warns of Chrome Browser Zero-Day Being Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Google Warns of Chrome Browser Zero-Day Being Exploited Read More »

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

exploited, Featured, Ivanti, Malware & Threats, Zero-Day /

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins 2024-01-16 at 12:46 By Eduard Kovacs The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech. The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins Read More »

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout

China, espionage, Ivanti, Malware & Threats, Zero-Day /

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout 2024-01-12 at 13:16 By Eduard Kovacs Ivanti zero-day vulnerabilities dubbed ConnectAround could impact thousands of systems and Chinese cyberspies are preparing for patch release. The post Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout Read More »

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days

Ivanti, Nation-State, Volexity, VPN, Vulnerabilities, Zero-Day /

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days 2024-01-11 at 00:01 By Ryan Naraine Ivanti confirms active zero-day exploits, ships pre-patch mitigations, but says comprehensive fixes won’t be available until January 22. The post Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days Read More »

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ

Barracuda, China, Malware & Threats, Zero-Day /

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ 2023-12-28 at 13:01 By Eduard Kovacs The new Barracuda ESG zero-day CVE-2023-7102 has been used by Chinese hackers to target organizations in the US and APJ region. The post Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ appeared first on SecurityWeek.

React to this headline:

Loading spinner

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ Read More »

Scroll to Top