Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

The Microsoft Threat Intelligence Center MSTIC and the Microsoft Security Response Center MSRC found a private-sector offensive actor PSOA using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and...

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

The Microsoft Threat Intelligence Center MSTIC and the Microsoft Security Response Center MSRC found a private-sector offensive actor PSOA using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and...

The More You Know, The More You Know You Don’t Know

A Year in Review of 0-days Used In-the-Wild in 2021 Posted by Maddie Stone, Google Project Zero This is our third annual year in review of 0-days exploited in-the-wild 2020, 2019. Each year we’ve looked back at all of the detected and disclosed in-the-wild 0-days as a group and synthesized what w...

Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware

The Microsoft Threat Intelligence Center MSTIC alongside the Microsoft Security Response Center MSRC has uncovered a private-sector offensive actor, or PSOA, that we are calling SOURGUM in possession of now-patched, Windows 0-day exploits CVE-2021-31979 and CVE-2021-33771. Private-sector offensiv...

Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware

The Microsoft Threat Intelligence Center MSTIC alongside the Microsoft Security Response Center MSRC has uncovered a private-sector offensive actor, or PSOA, that we are calling SOURGUM in possession of now-patched, Windows 0-day exploits CVE-2021-31979 and CVE-2021-33771. Private-sector offensiv...

In-the-Wild Series: October 2020 0-day discovery

Posted by Maddie Stone, Project Zero In October 2020, Google Project Zero discovered seven 0-day exploits being actively used in-the-wild. These exploits were delivered via "watering hole" attacks in a handful of websites pointing to two exploit servers that hosted exploit chains for Android,...

HAFNIUM targeting Exchange Servers with 0-day exploits

Update 03/08/2021: Microsoft continues to see multiple actors taking advantage of unpatched systems to attack organizations with on-premises Exchange Server. To aid defenders in investigating these attacks where Microsoft security products and tooling may not be deployed, we are releasing a feed ...

Déjà vu-lnerability

A Year in Review of 0-days Exploited In-The-Wild in 2020 Posted by Maddie Stone, Project Zero 2020 was a year full of 0-day exploits. Many of the Internet’s most popular browsers had their moment in the spotlight. Memory corruption is still the name of the game and how the vast majority of detect...

SonicWall hacked after 0-day flaws exploited by hackers

By Deeba Ahmed The cybersecurity firm SonicWall has confirmed that it was hacked after hackers exploited 0-day flaws in its VPN product. This is a post from HackRead.com Read the original post: SonicWall hacked after 0-day flaws exploited by hackers...

Root Cause Analyses for 0-day In-the-Wild Exploits

Posted by Maddie Stone, Project Zero When a 0-day is exploited in the wild AND it is detected, we need to use that as an opportunity to learn as much as possible about the vulnerability and the exploit if we hope to make 0-day hard. One of the main methods to do that is to perform a root cause...

Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019

Posted by Maddie Stone, Project Zero In May 2019, Project Zero released our tracking spreadsheet for 0-days used “in the wild” and we started a more focused effort on analyzing and learning from these exploits. This is another way Project Zero is trying to make zero-day hard. This blog post...

Flaw in Google Bug Tracker Exposed Reports About Unpatched Vulnerabilities

Google’s Issue Tracker, also known internally as the “Buganizer,” contained until recently a vulnerability that would allow an external party access to any unpatched bug listed and described in the database. Alex Birsan, a software developer and hobbyist bug-hunter, collected more than $15,000 in...

Zerodium Offers $1 Million for Tor Browser 0-Days That It will Resell to Governments

It seems like Tor Browser zero-day exploits are in high demand right now—so much so that someone is ready to pay ONE MILLION dollars. Zerodium—a company that specialises in acquiring and reselling zero-day exploits—just announced that it will pay up to USD 1,000,000 for working zero-day exploits...

[CERT VU#121036 / Multiple CVEs] RCE, domain admin creds leakage and more in BMC Track-It!

Hi, tl;dr - I am releasing two 0 day exploits for BMC Track-It!. One is a RCE and the other gets you the domain admin and SQL database creds. Other minor vulns are also disclosed. Details below. CERT handled the disclosure for these vulnerabilities see CERT VU121036 and according to them BMC didn...

Google предлагает вознаграждение за эксплойты $20000-$60000

Компания Google объявила о расширении программы вознаграждений Chromium Security Rewards. В частности, предлагается премия за 0-day эксплойты Chrome, Flash, Windows и др. За них будут платить от $20K до $60K. Программа Chromium Security Rewards предполагает выплату вознаграждения за найденные...

AntiSecShell v.0.5 Shell Released by underground hackers of Antisec

AntiSecShell v.0.5 Shell Released by underground hackers of Antisec AntiSecShell ASS was built by the underground hacking community and groups like h0no, ac1db1tch3z and others who wish to remainanonymous, have helped altogether to create this new shell. It hasmany functions but most important of...

AntiSecShell v.0.5 Shell Released by underground hackers of Antisec

AntiSecShell v.0.5 Shell Released by underground hackers of Antisec AntiSecShell ASS was built by the underground hacking community and groups like h0no, ac1db1tch3z and others who wish to remainanonymous, have helped altogether to create this new shell. It hasmany functions but most important of...