Tag: zero-day
-
MoveIt Transfer vulnerability targeted amid disclosure drama
by
in SecurityNewsProgress Software’s MoveIt Transfer is under attack again, just one year after a Clop ransomware actor exploited a different zero-day MoveIt flaw agai… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366591974/MoveIt-Transfer-vulnerability-targeted-amid-disclosure-drama
-
Attackers Exploit ‘EvilVideo’ Telegram Zero-Day to Hide Malware
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/attackers-exploit-evilvideo-telegram-zero-day-malware
-
CISA discloses breach of Chemical Security Assessment Tool
by
in SecurityNewsCISA first disclosed the breach in March, which stemmed from Ivanti zero-day vulnerabilities that were first exploited in January by a Chinese nation-… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366589568/CISA-discloses-breach-of-Chemical-Security-Assessment-Tool
-
EvilVideo, a Telegram Android zero-day allowed sending malicious APKs disguised as videos
by
in SecurityNewsEvilVideo is a zero-day in the Telegram App for Android that allowed attackers to send malicious APK payloads disguised as videos. ESET researchers di… First seen on securityaffairs.com Jump to article: securityaffairs.com/166042/hacking/evilvideo-telegram-android-zero-day.html
-
Critical Microsoft Zero-Day Vulnerability Exploited in the Wild for Over a Year
by
in SecurityNewsA severe zero-day vulnerability in Microsoft Windows, tracked as CVE-2024-38112, has been actively exploited by threat actors for at least 18 months. … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/critical-microsoft-zero-day-vulnerability-exploited-in-the-wild-for-over-a-year/
-
Video-spoofing malware distributed via Telegram for Android zero-day
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/video-spoofing-malware-distributed-via-telegram-for-android-zero-day
-
Windows Patchday-Nachlese: MSHTML 0-day-Schwachstelle CVE-2024-38112 durch Malware ausgenutzt
by
in SecurityNewsNoch ein kleiner Nachtrag zum Juli 2024 Patchday bei Microsoft. Mit den Sicherheitsupdates hat Microsoft auch eine MSHTML Spoofing-Schwachstelle gesch… First seen on borncity.com Jump to article: www.borncity.com/blog/2024/07/18/windows-patchday-nachlese-mshtml-0-day-schwachstelle-cve-2024-38112-durch-malware-ausgenutzt/
-
Vulnerability in Telegram app for Android allows sending malicious files disguised as videos
by
in SecurityNewsESET researchers discovered a zero-day exploit, which targets the Telegram app for Android, that appeared for sale for an unspecified price in an unde… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/23/telegram-exploit-evilvideo/
-
Telegram Zero-Day Enabled Malware Delivery
by
in SecurityNewsThe EvilVideo zero-day vulnerability in Telegram for Android allowed threat actors to send malicious files disguised as videos. The post Telegram Zero… First seen on securityweek.com Jump to article: www.securityweek.com/telegram-zero-day-enabled-malware-delivery/
-
Telegram zero-day allowed sending malicious Android APKs as videos
by
in SecurityNewsFirst seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/telegram-zero-day-allowed-sending-malicious-android-apks-as-videos/
-
Telegram zero-day for Android allowed malicious files to masquerade as videos
by
in SecurityNewsFirst seen on therecord.media Jump to article: therecord.media/telegram-zero-day-android-app-eset
-
Black Basta ransomware crew may be exploiting Microsoft zero-day
by
in SecurityNewsA Microsoft vulnerability that was addressed without fanfare in March may in fact have been exploited as a zero-day by the notorious Black Basta ranso… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366588814/Black-Basta-ransomware-crew-may-be-exploiting-Microsoft-zero-day
-
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/void-banshee-apt-microsoft-zero-day-spear-phishing-attacks
-
Void Banshee exploits CVE-2024-38112 zero-day to spread malware
Void Banshee APT group exploited the Windows zero-day CVE-2024-38112 to execute code via the disabled Internet Explorer. An APT group tracked as Void … First seen on securityaffairs.com Jump to article: securityaffairs.com/165832/apt/void-banshee-cve-2024-38112-zero-day-attacks.html
-
Black Basta might have exploited Microsoft flaw as zero-day
by
in SecurityNewsWhile investigating a ransomware attack, Symantec observed tactics, techniques and procedures that suggest Black Basta threat actors exploited a Micro… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366588641/Black-Basta-may-have-exploited-Microsoft-flaw-as-zero-day
-
RCE flaw and DNS zero-day top list of Patch Tuesday bugs
by
in SecurityNews
Tags: authentication, dns, flaw, microsoft, rce, remote-code-execution, update, vulnerability, zero-dayAn RCE vulnerability in a Microsoft messaging feature and a third-party flaw in a DNS authentication protocol are the most pressing issues to address … First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366588458/RCE-flaw-and-DNS-zero-day-top-list-of-Patch-Tuesday-bugs
-
Nation-States and Zero-days Cranking Up the Heat
by
in SecurityNewsSummertime isn’t just for vacations and barbecues, it’s also prime season for zero-day attacks. These attacks, launched by malicious actors exploiting… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/nation-states-and-zero-days-cranking-up-the-heat/
-
Void Banshee group using patched zero-day to execute infostealer
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/void-banshee-group-using-patched-zero-day-to-execute-infostealer
-
Internet-Explorer wird für Zero-Day-Spoofing-Angriffe missbraucht
by
in SecurityNewsCheck Point Research (CPR), die Threat-Intelligence-Abteilung von Check Point Software Technologies warnt vor einem neuen Spoofing-Angriff durch Hacke… First seen on netzpalaver.de Jump to article: netzpalaver.de/2024/07/11/internet-explorer-wird-fuer-zero-day-spoofing-angriffe-missbraucht/
-
Void Banshee APT exploited >>lingering Windows relic<< in zero-day attacks
by
in SecurityNewsThe zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/16/cve-2024-38112-void-banshee/
-
Zero-Day Vulnerability Found in VirtualBox: Host Systems at Risk
by
in SecurityNewsA new threat has emerged concerning the security of VirtualBox virtual machines (VMs). A threat actor known as Cas has surfaced on BreachForums, revea… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/virtualbox-vm-escape-vulnerability/
-
Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/application-security/attackers-have-been-leveraging-microsoft-zero-day-for-18-months
-
Threat Actors Exploited Windows 0-Day For More Than A Year Before Microsoft Fixed It
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36093/Threat-Actors-Exploited-Windows-0-Day-For-More-Than-A-Year-Before-Microsoft-Fixed-It.html
-
Japanese Space Agency Spotted Zero-Day Attacks While Cleaning Up Attack On M365
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36092/Japanese-Space-Agency-Spotted-Zero-Day-Attacks-While-Cleaning-Up-Attack-On-M365.html
-
APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer
The Void Banshee APT exploited the CVE-2024-38112 Windows zero-day to infect systems with the Atlantida stealer. The post APT Exploits Windows Zero-Da… First seen on securityweek.com Jump to article: www.securityweek.com/apt-exploits-windows-zero-day-to-execute-code-via-disabled-internet-explorer/
-
Velvet Ant Exploits Cisco Zero-Day Flaw
by
in SecurityNewsRecent events in the cybersecurity landscape have brought to light the activities of a China-nexus cyber espionage group known as Velvet Ant. The thre… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/velvet-ant-exploits-cisco-zero-day-flaw/
-
Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, ATT breach
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers stole call, text records of nearly all of AT… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/14/week-in-review-radius-protocol-critical-vuln-microsoft-0-day-exploited-for-a-year-att-breach/
-
Microsoft Fixes Four Zero-Days in July Patch Tuesday
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-four-zerodays-july-patch/
-
Breach Roundup: Microsoft Patches Zero-Day Active Since 2023
Also: Europol Decries Mobile Encryption; FBCS Breach Victim Count Grows. This week, Microsoft and Adobe released patches, Europol pushed back against … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-microsoft-patches-zero-day-active-since-2023-a-25750