Tag: zero-day
-
Unofficial fixes issued for Windows Themes zero-day
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/unofficial-fixes-issued-for-windows-themes-zero-day
-
CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
by
in SecurityNewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Expl… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/cisa-adds-sciencelogic-sl1.html
-
QNAP patches second zero-day exploited at Pwn2Own to get root
by
in SecurityNewsQNAP has fixed a second zero-day vulnerability exploited at the Pwn2Own Ireland 2024 hacking contest to gain a root shell and take over a TS-464 NAS d… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/qnap-patches-second-zero-day-exploited-at-pwn2own-to-get-root/
-
Lazarus Group Exploits Chrome Zero-Day in Latest Campaign
First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/lazarus-group-exploits-chrome-zero-day-campaign
-
New Windows Themes zero-day gets free, unofficial patches
by
in SecurityNewsFree unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target’s NTLM credentials r… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-themes-zero-day-gets-free-unofficial-patches/
-
Researchers Discover Over 70 Zero-Day Bugs at Pwn2Own Ireland
by
in SecurityNews
Tags: zero-dayFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/researchers-70-zeroday-bugspwn/
-
QNAP fixes NAS backup software zero-day exploited at Pwn2Own
by
in SecurityNewsQNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/qnap-fixes-nas-backup-software-zero-day-exploited-at-pwn2own/
-
Samsung Zero-Day Vuln Under Active Exploit, Google Warns
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/samsung-zero-day-vuln-under-active-exploit-google-warns
-
Fortinet zero-day attack spree hits at least 50 customers
by
in SecurityNewsActive exploits of a critical vulnerability in FortiManager began in late June, Mandiant said. Firewall credentials and configuration data have been s… First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fortinet-zero-day-attack-spree/730894/
-
Fortinet Confirms Exploitation of Critical FortiManager Zero-Day Vulnerability
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fortinet-exploitation-fortimanager/
-
UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575)
by
in SecurityNewsFortinet and Mandiant investigated the mass exploitation of FortiManager devices via CVE-2024-47575, impacting 50+ systems across industries. Threat….. First seen on hackread.com Jump to article: hackread.com/unc5820-exploits-fortimanager-zero-day-vulnerability/
-
DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/dprk-microsoft-zero-day-no-click-toast-attacks
-
Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland
by
in SecurityNewsThe fourth day of Pwn2Own Ireland 2024 marked the end of the hacking competition with more than $1 million in prizes for over 70 unique zero-day vulne… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-70-zero-day-flaws-get-hackers-1-million-at-pwn2own-ireland/
-
Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed c… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/27/week-in-review-fortinet-patches-critical-fortimanager-0-day-vmware-fixes-vcenter-server-rce/
-
Lazarus Group Exploits Chrome 0-Day for Crypto with Fake NFT Game
First seen on hackread.com Jump to article: hackread.com/north-korean-hackers-crypto-deceptive-game-zero-day-exploit/
-
New Threat Group UNC5820 Targets FortiManager Zero-Day CVE-2024-47575 in Global Cyberattack
by
in SecurityNewsIn October 2024, Mandiant, in collaboration with Fortinet, uncovered the mass exploitation of FortiManager appliances across multiple industries. This… First seen on securityonline.info Jump to article: securityonline.info/new-threat-group-unc5820-targets-fortimanager-zero-day-cve-2024-47575-in-global-cyberattack/
-
DEF CON 32 AppSec Village 0 0 0 0 Day Exploiting Localhost APIs From The Browser
by
in SecurityNewsAuthors/Presenters: Avi Lumel, skyGal Elbaz Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their timely DEF CON 32 eru… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/def-con-32-appsec-village-0-0-0-0-day-exploiting-localhost-apis-from-the-browser/
-
QNAP, Synology, Lexmark devices hacked on Pwn2Own Day 3
by
in SecurityNewsThe third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11 zero-day vulnerabilities, adding $12… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/qnap-synology-lexmark-devices-hacked-on-pwn2own-day-3/
-
Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575)
by
in SecurityNewsFortinet has finally made public information about CVE-2024-47575, a critical FortiManager vulnerability that attackers have exploited as a zero-day. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/24/cve-2024-47575/
-
Google Warns Of Samsung Zero Day Exploited In The Wild
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36499/Google-Warns-Of-Samsung-Zero-Day-Exploited-In-The-Wild.html
-
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
by
in SecurityNewsThe North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devi… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/north-korean-scarcruft-exploits-windows.html
-
Samsung Galaxy S24 and Sonos Era hacked on Pwn2Own Ireland Day 2
by
in SecurityNewsOn the second day of Pwn2Own Ireland 2024, competing white hat hackers showcased an impressive 51 zero-day vulnerabilities, earning a total of $358,62… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/samsung-galaxy-s24-and-sonos-era-hacked-on-pwn2own-ireland-day-2/
-
Mandiant says new Fortinet flaw has been exploited since June
A new Fortinet FortiManager flaw dubbed FortiJump and tracked as CVE-2024-47575 has been exploited since June 2024 in zero-day attacks on over 50 serv… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mandiant-says-new-fortinet-fortimanager-flaw-has-been-exploited-since-june/
-
Hackers Probing Newly Disclosed Fortinet Zero-Day
Mandiant Says High-Severity Flaw Could Give Attackers Remote Unauthenticated Access. Researchers at Mandiant say a new threat cluster, first observed … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hackers-probing-newly-disclosed-fortinet-zero-day-a-26624
-
North Korean APT Exploited IE Zero Day In Supply Chain Attack
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36494/North-Korean-APT-Exploited-IE-Zero-Day-In-Supply-Chain-Attack.html
-
4 Ways to Address Zero-Days in AI/ML Security
by
in SecurityNewsAs the unique challenges of AI zero-days emerge, the approach to managing the accompanying risks needs to follow traditional security best practices b… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/4-ways-address-zero-days-ai-ml-security
-
North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft
by
in SecurityNewsThe Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency. The post North Korean Hacker… First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-exploited-chrome-zero-day-for-cryptocurrency-theft/
-
New Fortinet Zero-Day Exploited for Months Before Patch
A Fortinet zero-day tracked as CVE-2024-47575 and named FortiJump has been exploited since at least June 2024. The post New Fortinet Zero-Day Exploite… First seen on securityweek.com Jump to article: www.securityweek.com/new-fortinet-zero-day-exploited-for-months-before-patch-release/
-
The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short
by
in SecurityNewsIn recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/rise-of-zero-day-vulnerabilities.html