Tag: zero-day
-
Four zero days headline hefty July Patch Tuesday drop
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/four-zero-days-headline-hefty-july-patch-tuesday-drop
-
Actively Exploited Microsoft Zero-Days Fixed in July Patch Tuesday
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/actively-exploited-microsoft-zero-days-fixed-in-july-patch-tuesday
-
Microsoft Patch Tuesday for July 2024 fixed 2 actively exploited zero-days
Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday securi… First seen on securityaffairs.com Jump to article: securityaffairs.com/165520/security/microsoft-patch-tuesday-for-july-2024.html
-
Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware
by
in SecurityNewsA China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deli… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html
-
Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)
by
in SecurityNewsCVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by at… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/10/cve-2024-38112-cve-2024-38021/
-
Windows MSHTML zero-day used in malware attacks for over a year
by
in SecurityNewsMicrosoft fixed a Windows zero-day vulnerability that has been actively exploited in attacks for eighteen months to launch malicious scripts while byp… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-mshtml-zero-day-used-in-malware-attacks-for-over-a-year/
-
Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited
by
in SecurityNewsPatch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days. The post Mi… First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-warns-of-windows-hyper-v-zero-day-being-exploited/
-
Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days
Today is Microsoft’s July 2024 Patch Tuesday, which includes security updates for 142 flaws, including two actively exploited and two publicly disclos… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-july-2024-patch-tuesday-fixes-142-flaws-4-zero-days/
-
Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)
For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080,… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/09/microsoft-fixes-two-zero-days-exploited-by-attackers-cve-2024-38080-cve-2024-38112/
-
CISA Adds Critical Zero-Day Vulnerabilities from July 2024 Patch Tuesday to Exploited List
by
in SecurityNewsCISA has added two zero-day vulnerabilities from the cluster of vulnerabilities fixed in this month’s patch Tuesday. In its latest patch Tuesday relea… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/known-exploited-vulnerabilities-catalog/
-
Breaking Down Microsoft’s July 2024 Patch Tuesday: Zero-Days and New Features
by
in SecurityNewsOn the second Tuesday of July 2024, Microsoft Corporation issued its latest round of security updates, marking another Patch Tuesday update. This mont… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-patch-tuesday/
-
Microsoft fixes 2 zero days in massive July Patch Tuesday
by
in SecurityNewsMicrosoft disclosed and patched a whopping 142 vulnerabilities in a busy Patch Tuesday that included two zero-day flaws under active exploitation in t… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366593052/Microsoft-fixes-2-zero-days-in-massive-July-Patch-Tuesday
-
Patch Now: Cisco Zero-Day Under Fire From Chinese APT
by
in SecurityNewsThreat actor Velvet Ant has been exploiting a vulnerability in Cisco’s NX-OS Software for managing a variety of switches, executing commands and dropp… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/patch-now-cisco-zero-day-chinese-apt
-
Google Opens $250K Bug Bounty Contest for VM Hypervisor
by
in SecurityNewsIf security researchers can execute a guest-to-host attack using a zero-day vulnerability in the KVM open source hypervisor, Google will make it worth… First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/google-opens-250k-bug-bounty-contest-for-vm-hypervisor
-
UNC3886 Leverages Zero Days, Novel Backdoor Variants
by
in SecurityNewsA new deep-dive investigation into the known UNC3886 gives insight into how the China-linked threat actor operates in a sophisticated, cautious, and e… First seen on duo.com Jump to article: duo.com/decipher/unc3886-leverages-zero-days-novel-backdoor-variants
-
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisco-patches-zeroday-bug-chinese/
-
Ransomware crew may have exploited Windows makeadmin bug as a zero-day
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/06/12/black_basta_ransomware_windows/
-
Threat Actor Claiming of Sandbox Escape RCE in 0-day Google Chrome
by
in SecurityNewsThreat Actor has claimed to have discovered a critical zero-day vulnerability in Google Chrome. This exploit, which reportedly enables a sandbox escap… First seen on gbhackers.com Jump to article: gbhackers.com/claiming-sandboxrce-0-day/
-
Novel Cisco NX-OS zero-day leveraged by Chinese hackers
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/novel-cisco-nx-os-zero-day-leveraged-by-chinese-hackers
-
Cisco patches zero-day in NX-OS Nexus switch software
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/cisco-patches-medium-severity-zero-day-in-its-nx-os-nexus-switch-software
-
China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware
by
in SecurityNewsCisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco a… First seen on securityaffairs.com Jump to article: securityaffairs.com/165097/apt/cisco-nx-os-zero-day-chinese-hackers.html
-
Google to offer $250,000 for Full VM Escape Zero-day Vulnerability
by
in SecurityNewsGoogle has unveiled kvmCTF, a new vulnerability reward program (VRP) explicitly targeting the Kernel-based Virtual Machine (KVM) hypervisor. This init… First seen on gbhackers.com Jump to article: gbhackers.com/google-zero-day-vulnerability-2/
-
Cisco Patches an Exploited Zero-Day Vulnerability
by
in SecurityNewsChina-Nexus Hackers Velvet Ant Exploited the Bug in April, Cisco and Sygnia Say. Cisco on Monday patched a zero-day vulnerability discovered months ag… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisco-patches-exploited-zero-day-vulnerability-a-25682
-
Cisco warns of NX-OS zero-day exploited to deploy custom malware
by
in SecurityNewsFirst seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-nx-os-zero-day-exploited-to-deploy-custom-malware/
-
Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies
by
in SecurityNewsCisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant. The post s patched an NX-OS command i… First seen on securityweek.com Jump to article: www.securityweek.com/cisco-patches-nx-os-zero-day-exploited-by-chinese-cyberspies/
-
Hackers Claiming of Sandbox Escape RCE in 0-DAY Google Chrome
by
in SecurityNews
Tags: browser, chrome, exploit, google, group, hacker, rce, remote-code-execution, vulnerability, zero-dayA group of hackers has claimed to have discovered a critical zero-day vulnerability in Google Chrome. This exploit, which reportedly enables a sandbox… First seen on gbhackers.com Jump to article: gbhackers.com/claiming-sandboxrce-0-day/
-
Cisco NX-OS Zero-Day Command Injection Vulnerability Let Hackers Gain Root Access
by
in SecurityNewsCisco has disclosed a critical vulnerability in its widely-used NX-OS network operating system that could allow attackers to execute arbitrary command… First seen on gbhackers.com Jump to article: gbhackers.com/cisco-nx-os-zero-day-command-injection-vulnerability/
-
Per Zero-Day-Lücke: Angeblicher Sicherheitsforscher stiehlt Kraken Millionen
by
in SecurityNewsDurch eine Schwachstelle konnten sich Nutzer der Kryptoplattform Kraken unrechtmäßig Gelder gutschreiben. Fast 3 Millionen USD sind an den Entdecker u… First seen on golem.de Jump to article: www.golem.de/news/per-zero-day-luecke-angeblicher-sicherheitsforscher-stiehlt-kraken-millionen-2406-186287.html
-
Zero-day vulnerabilities in temperature monitors could leak patient data
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/patchless-temperature-monitor-vulnerabilities-could-leak-patient-data
-
UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying
by
in SecurityNewsThe China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed … First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/chinese-cyber-espionage-group-exploits.html