Tag: zero-day
-
Versa Director Zero-day Vulnerability Let Attackers Upload Malicious Files
by
in SecurityNewsVersa Networks specializes in successful business. It offers Secure Access Service Edge (SASE), consolidating networking and security services in a si… First seen on gbhackers.com Jump to article: gbhackers.com/versa-director-zero-day-vulnerability-attack/
-
China-Nexus Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399)
by
in SecurityNewsAt the beginning of 2024, the Chinese group Velvet Ant exploited a patched zero-day vulnerability (CVE-2024-20399, CVSS 6.7) in Cisco switches to gain… First seen on securityonline.info Jump to article: securityonline.info/china-nexus-group-velvet-ant-exploits-cisco-zero-day-cve-2024-20399/
-
China-linked APT Volt Typhoon exploited a zero-day in Versa Director
China-linked APT group Volt Typhoon exploited a zero-day flaw in Versa Director to upload a custom webshell in target networks. China-linked APT Volt … First seen on securityaffairs.com Jump to article: securityaffairs.com/167658/apt/volt-typhoon-versa-director-zero-day.html
-
Attacks exploiting Versa Director zero-day launched by Volt Typhoon
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/attacks-exploiting-versa-director-zero-day-launched-by-volt-typhoon
-
Another exploited Chrome zero-day addressed
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/another-exploited-chrome-zero-day-addressed
-
3CX Phone System Local Privilege Escalation Vulnerability
by
in SecurityNewsOverview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities th… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/3cx-phone-system-local-privilege-escalation-vulnerability/
-
WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies
by
in SecurityNewsA WPS Office zero-day vulnerability tracked as CVEâ -â 2024â -â 7262 was exploited by South Korean hacker group APT-C-60. The post WPS Office Zero… First seen on securityweek.com Jump to article: www.securityweek.com/wps-office-zero-day-exploited-by-south-korea-linked-cyberspies/
-
Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets Service Providers
by
in SecurityNewsAmidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers. The post Censys Find… First seen on securityweek.com Jump to article: www.securityweek.com/censys-finds-hundreds-of-exposed-servers-as-volt-typhoon-apt-targets-isps-msps/
-
Hacker nutzen Zero-Day-Lücke für Kernelzugriff aus
by
in SecurityNewsMöglich ist der Kernelzugriff durch einen Windows-Treiber namens AFD.sys. Mindestens seit Juni installiert eine bekannte Hackergruppe darüber ein Root… First seen on golem.de Jump to article: www.golem.de/news/windows-hacker-nutzen-zero-day-luecke-fuer-kernelzugriff-aus-2408-188165.html
-
ISPs infiltriert: Zero Day seit Monaten ausgenutzt‹
by
in SecurityNews
Tags: zero-dayFirst seen on heise.de Jump to article: www.heise.de/news/Zero-Day-Versa-Director-Angreifer-nisten-sich-bei-ISPs-ein-9849553.html
-
Google addressed the tenth actively exploited Chrome zero-day this year
by
in SecurityNewsGoogle released emergency security updates to fix the tenth actively exploited Chrome zero-day vulnerability this year. Google released a security upd… First seen on securityaffairs.com Jump to article: securityaffairs.com/167631/hacking/10th-google-chrome-zero-day-this-year.html
-
Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)
by
in SecurityNewsAdvanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service provi… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/27/cve-2024-39717-exploited/
-
Chinese Nation-State Attackers Tied to Versa Zero-Day Hit
Targeted Versa Software Used by Service Providers to Manage Wide Area Networks. Chinese nation-state attackers are actively exploiting a zero-day vuln… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-nation-state-attackers-tied-to-versa-zero-day-hit-a-26152
-
Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs
by
in SecurityNewsThe Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-volt-typhoon-hackers-exploited-versa-zero-day-to-breach-isps-msps/
-
Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs
by
in SecurityNewsAmidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers. The post Censys Find… First seen on securityweek.com Jump to article: www.securityweek.com/censys-finds-hundreds-of-exposed-servers-as-volt-typhoon-apt-targets-isps-msps/
-
Google tags a tenth Chrome zero-day as exploited this year
Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-tags-a-tenth-chrome-zero-day-as-exploited-this-year/
-
China’s Volt Typhoon Exploits 0-day in Versa’s SD-WAN Director Servers
by
in SecurityNewsSo far, the threat actor has compromised at least five organizations using CVE-2024-39717; CISA has added bug to its Known Exploited Vulnerability dat… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-s-volt-typhoon-actively-exploiting-now-patched-0-day-in-versa-director-servers
-
News Chrome 0-Day Vulnerability (CVE-2024-7965) Actively Exploited in the Wild
by
in SecurityNewsThe Chrome team announced that Chrome 128 has been promoted to the stable channel for Windows, Mac, and Linux. This update, Chrome 128.0.6613.84/.85, … First seen on gbhackers.com Jump to article: gbhackers.com/news-chrome-0-day-vulnerability/
-
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected P… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/25/week-in-review-postgresql-databases-under-attack-new-chrome-zero-day-actively-exploited/
-
China’s Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs
Malware hunters catch Chinese APT Volt Typhoon exploiting a zero-day in Versa Director servers used by ISPs and MSPs. The post China’s Volt Typhoon Ha… First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-volt-typhoon-caught-exploiting-versa-networks-sd-wan-zero-day/
-
0-day-Schwachstelle CVE-2024-38193 wurde durch Lazarus angegriffen
by
in SecurityNewsZum 13. August 2024 hat Microsoft die 0-day-Schwachstelle CVE-2024-38193 im Treiber afd.sys mit einem Sicherheitsupdate geschlossen. Dort hieß es vage… First seen on borncity.com Jump to article: www.borncity.com/blog/2024/08/20/windows-0-day-schwachstelle-cve-2024-38193-wurde-durch-lazarus-angegriffen/
-
Critical Chrome Zero-Day Vulnerability (CVE-2024-7965) Requires Immediate User Action
by
in SecurityNewsGoogle recently addressed a critical zero-day vulnerability in its Chrome browser, identified as CVE-2024-7965. This high-severity flaw, affecting ver… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/google-fixes-chrome-zero-day-vulnerability/
-
China’s Volt Typhoon reportedly targets US internet providers using Versa zero-day
by
in SecurityNewsFirst seen on therecord.media Jump to article: therecord.media/versa-zero-day-volt-typhoon-china
-
Versa fixes Director zero-day vulnerability exploited in attacks
by
in SecurityNewsVersa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/versa-fixes-director-zero-day-vulnerability-exploited-in-attacks/
-
Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group
by
in SecurityNewsA newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with Nort… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/microsoft-patches-zero-day-flaw.html
-
Chinese government hackers targeted U.S. internet providers with zero-day exploit, researchers say
by
in SecurityNews
Tags: china, exploit, government, group, hacker, Internet, service, software, vulnerability, zero-dayA group of hackers linked to the Chinese government used a previously unknown vulnerability in software to target U.S. internet service providers, sec… First seen on techcrunch.com Jump to article: techcrunch.com/2024/08/27/chinese-government-hackers-targeted-u-s-internet-providers-with-zero-day-exploit-researchers-say/
-
Chrome Zero-day Vulnerability Actively Exploited in the Wild
by
in SecurityNewsGoogle has announced the release of Chrome 128 to the stable channel for Windows, Mac, and Linux. This update, Chrome 128.0.6613.84 for Linux and 128…. First seen on gbhackers.com Jump to article: gbhackers.com/chrome-zero-day-vulnerability-2/
-
Project Zero: ‘It Will Take All of Us to End The Era of Zero Days’
by
in SecurityNews
Tags: zero-dayFirst seen on duo.com Jump to article: duo.com/decipher/project-zero-it-will-take-all-of-us-to-end-the-era-of-zero-days
-
SolarWinds Web Help Desk Vulnerability Possibly Exploited As Zero Day
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36228/SolarWinds-Web-Help-Desk-Vulnerability-Possibly-Exploited-As-Zero-Day.html
-
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)
by
in SecurityNewsA new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/22/cve-2024-7971/