Tag: zero-day
-
Russian APT RomCom combines Firefox and Windows zero-day flaws in drive-by exploit
by
in SecurityNews
Tags: access, antivirus, apt, attack, backdoor, browser, business, computer, cve, cybercrime, cyberespionage, defense, endpoint, exploit, flaw, germany, government, group, insurance, intelligence, malicious, microsoft, msp, password, powershell, russia, software, threat, ukraine, vulnerability, windows, zero-dayA Russia-aligned group that engages in both cybercrime and cyberespionage operations used a zero-click exploit chain last month that combined previously unknown and unpatched vulnerabilities in Firefox and Windows.The campaign, whose goal was to deploy the group’s RomCom backdoor on computers, targeted users from Europe and North America. The APT group, also known as Storm-0978,…
-
Russian Hackers Exploit Firefox and Windows 0-Days to Deploy Backdoor
Watch out for the Russian hackers from the infamous RomRom group, also known as Storm-0978, Tropical Scorpius, or UNC2596, and their use of a custom backdoor. First seen on hackread.com Jump to article: hackread.com/russian-hackers-firefox-windows-0-days-backdoor/
-
Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled
by
in SecurityNewsA Russia-aligned hacking group, known as RomCom (also identified as Storm-0978, Tropical Scorpius, or UNC2596), has successfully exploited two zero-day vulnerabilities”, one in Mozilla Firefox and another in Microsoft Windows Task Scheduler. These vulnerabilities, identified as CVE-2024-9680 and CVE-2024-49039, were chained together to allow the group to execute arbitrary code and install malicious backdoors on…
-
Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows
by
in SecurityNewsRussia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/romcom-apt-zeroday-flaws-firefox/
-
Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets
The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery. The post Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/russian-apt-chained-firefox-and-windows-zero-days-against-us-and-european-targets/
-
Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America
by
in SecurityNewsThe Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America. Russian-based cybercrime group RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) exploited two Firefox and Tor Browser zero-day vulnerabilities in recent attacks on users across Europe and North America. The first zero-day exploited by the Russian group, is a use-after-free…
-
RomCom Exploits Zero-Days in Firefox (CVE-2024-9680) Windows (CVE-2024-49039) with No User Interaction
by
in SecurityNews
Tags: attack, browser, cybersecurity, exploit, microsoft, russia, threat, vulnerability, windows, zero-dayIn a recent cybersecurity report, ESET researchers have unveiled a coordinated attack by the Russia-aligned threat actor RomCom, exploiting zero-day vulnerabilities in both Mozilla Firefox and Microsoft Windows. These vulnerabilities”, previously... First seen on securityonline.info Jump to article: securityonline.info/romcom-exploits-zero-days-in-firefox-cve-2024-9680-windows-cve-2024-49039-with-no-user-interaction/
-
‘RomCom’ APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
by
in SecurityNewsThe innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/romcom-apt-zero-day-zero-click-browser-escapes-firefox-tor
-
Russian hackers exploit Firefox, Windows zero-days in wild
by
in SecurityNewsRomCom threat actors chain two Firefox and Windows zero-day vulnerabilities together in order to execute arbitrary code in vulnerable Mozilla browsers. First seen on Jump to article: /www.techtarget.com/searchsecurity/news/366616460/Russian-hackers-exploit-Firefox-Windows-zero-days-in-wild
-
RomCom Hackers Exploits Windows Firefox Zero-Day in Advanced Cyberattacks
by
in SecurityNewsIn a new wave of cyberattacks, the Russia-aligned hacking group >>RomCom>The compromise chain is composed of a […] The post RomCom Hackers Exploits Windows & Firefox Zero-Day in Advanced Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on gbhackers.com Jump to article: gbhackers.com/romcom-hackers-exploits-windows-firefox-zero-day/
-
Firefox and Windows zero-days exploited by Russian RomCom hackers
by
in SecurityNewsRussian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/firefox-and-windows-zero-days-exploited-by-russian-romcom-hackers/
-
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
by
in SecurityNewsThe Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems.”In a successful attack, if a victim browses a web page containing the exploit, an…
-
RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
by
in SecurityNewsRussia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/26/romcom-backdoor-cve-2024-9680-cve-2024-49039/
-
Windows Themes zero-day bug exposes users to NTLM credential theft
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/10/30/zeroday_windows_themes/
-
November 2024 Patch Tuesday Fixes Actively Exploited Flaws (CVE-2024-49039)
by
in SecurityNewsIn its November 2024 Patch Tuesday update, Microsoft addressed 90 security vulnerabilities, including two critical zero-day exploits currently being actively exploited in the wild (CVE-2024-49039 and CVE-2024-49039). This also update includes fixes for issues impacting Windows NT LAN Manager (NTLM)… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/november-2024-patch-tuesday-cve-2024-49039/
-
Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest attacks Attackers have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/24/week-in-review-0-days-exploited-in-palo-alto-networks-firewalls-two-unknown-linux-backdoors-identified/
-
Fortinet discloses critical zero-day flaw in FortiManager
by
in SecurityNewsAccording to Fortinet, the FortiManager vulnerability ‘may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366614476/Fortinet-discloses-critical-zero-day-flaw-in-FortiManager
-
Operation Lunar Peek: More Than 2,000 Palo Alto Network Firewalls Hacked
by
in SecurityNewsThe Shadowserver Foundation reports over 2,000 Palo Alto Networks firewalls have been hacked via two zero-day vulnerabilities: CVE-2024-0012… First seen on hackread.com Jump to article: hackread.com/operation-lunar-peek-palo-alto-firewalls-hacked/
-
Zero Days Top Cybersecurity Agencies’ Most-Exploited List
by
in SecurityNewsCybersecurity Officials Urge to Prioritize Fixing These 15 Most-Exploited Flaws. Which vulnerabilities need fixing first to best block nation-state and other hacking attempts? Enter the latest Five Eyes intelligence partnership list of the 15 flaws most targeted by attackers, of which 11 were zero-days. Many organizations have yet to patch them all. First seen on…
-
Palo Alto Networks pushes back as Shadowserver spots 2K of its firewalls exploited
by
in SecurityNewsThe security vendor maintains only a limited number of customers’ firewalls have been exploited by a zero-day it patched earlier this week. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/palo-alto-networks-disputes-shadowserver-firewall-exploit-scans/733728/
-
U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog
by
in SecurityNews
Tags: apple, cisa, cve, cybersecurity, exploit, infrastructure, kev, oracle, update, vulnerability, zero-dayU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: This week, Apple released security updates for two zero-day vulnerabilities, tracked as CVE-2024-44309 and CVE-2024-44308, in iOS, iPadOS,…
-
More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days
by
in SecurityNewsThreat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Thousands of Palo Alto Networks firewalls have reportedly been compromised in attacks exploiting recently patched zero-day vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in PAN-OS. CVE-2024-0012is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management…
-
Risiko durch veraltete Kurz-URL-Formate Day-Schwachstelle in GNU Wget
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/-cyberkriminelle-nutzen-sicherheitsluecke-gnu-wget-jfrog-untersucht-a-367f299da8293de7b06bf5a704b143d4/
-
Apple Patches Two Zero-Day Attack Vectors
by
in SecurityNewsThreat actors exploited two vulnerabilities in Intel-based machines. Google’s Threat Analysis Group discovered the flaws. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/apple-patches-zero-day-vulnerabilities/
-
Over 2,000 Palo Alto firewalls hacked using recently patched bugs
Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-2-000-palo-alto-firewalls-hacked-using-recently-patched-bugs/
-
Palo Alto Networks warns hackers are breaking into its customers’ firewalls, again
by
in SecurityNewsHackers have compromised potentially thousands of Palo Alto customers by exploiting two new zero-day vulnerabilities First seen on techcrunch.com Jump to article: techcrunch.com/2024/11/21/palo-alto-networks-warns-hackers-are-breaking-into-its-customers-firewalls-again/
-
QuantumSoftware kombiniert KI-Engines, Post-Quantum-Verschlüsselung und DevOps-Optimierung
by
in SecurityNewsDie neue Check-Point-Quantum-Firewall-Software R82 kombiniert KI-Engines, Post-Quantum-Verschlüsselung und DevOps-Optimierungen für skalierbare und vereinfachte Rechenzentrumsoperationen. Check Point präsentiert damit eine KI-basierte Netzwerksicherheitslösung der nächsten Generation. Bei einem globalen Anstieg der Cyber-Angriffe um 75 Prozent bietet R82 KI-gestützte Engines, die Schutz vor Zero-Day-Bedrohungen, sowie Phishing, Malware und DNS-Exploits (Domain Name System) gewährleisten. Darüber hinaus enthält sie neue…
-
2,000 Palo Alto Networks devices compromised in latest attacks
Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/21/palo-alto-firewalls-compromised-cve-2024-0012-cve-2024-9474/
-
Mehrere PTZ-Kameras betroffen – Zero-Day-Schwachstellen in Kameras von PTZOptics
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/zero-day-sicherheitsluecken-ptz-kameras-a-acf9a411f009e37846435594fbf5cbc3/
-
Apple Urgently Patches Actively Exploited Zero-Days
by
in SecurityNewsThough the information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/apple-patches-actively-exploited-zero-days