Lucene search
+L

185 matches found

thn
thn
added 2018/06/07 3:51 p.m.133 views

Adobe Issues Patch for Actively Exploited Flash Player Zero-Day Exploit

If you have already uninstalled Flash player, well done! But if you haven't, here's another great reason for ditching it. Adobe has released a security patch update for a critical vulnerability in its Flash Player software that is actively being exploited in the wild by hackers in targeted attack...

10CVSS1.4AI score0.25353EPSS
Exploits0
threatpost
threatpost
added 2017/12/28 2:1 p.m.369 views

Code Used in Zero Day Huawei Router Attack Made Public

Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or...

10CVSS10AI score0.99975EPSS
Exploits8References5
thn
thn
added 2017/11/03 9:16 p.m.17 views

Warning: Critical Tor Browser Vulnerability Leaks Users’ Real IP Address—Update Now

If you follow us on Twitter, you must be aware that since yesterday we have been warning Mac and Linux users of the Tor anonymity browser about a critical vulnerability that could leak their real IP addresses to potential attackers when they visit certain types of web pages. Discovered by Italian...

6.9AI score
Exploits0
securelist
securelist
added 2017/10/16 2:28 p.m.720 views

BlackOasis APT and new targeted attacks leveraging zero-day exploit

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: [email protected] Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the...

10CVSS9.5AI score0.99344EPSS
Exploits28
carbonblack
carbonblack
added 2017/07/19 12:4 p.m.89 views

July 19, 2017 – Morning Cyber Coffee Headlines – “Rosetta Stone” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! July 19, 2017 - Headlines Cyberattack on Ukrainian Clinics, Pharmacies Worries...

6.6AI score
Exploits0
threatpost
threatpost
added 2017/03/28 5:12 p.m.67 views

Microsoft Offers Analysis of Zero-Day Exploited By Zirconium Group

Microsoft has released technical details on a zero-day vulnerability being exploited by a little-known APT group known as Zirconium. According to the company the vulnerability CVE-2017-0005 affects mostly older versions of Windows and can allow an adversary to execute remote code if a user either...

6.9CVSS0.1AI score0.821EPSS
Exploits2References6
mmpc
mmpc
added 2017/03/27 3:0 p.m.304 views

Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005

On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges. A report from a trusted partner identified a zero-day exploit for this vulnerability. The exploit target...

6.9CVSS0.5AI score0.11022EPSS
Exploits1
mmpc
mmpc
added 2017/01/13 9:28 p.m.692 views

Hardening Windows 10 with zero-day exploit mitigations

Cyberattacks involving zero-day exploits happen from time to time, affecting different platforms and applications. Over the years, Microsoft security teams have been working extremely hard to address these attacks. While delivering innovative solutions like Windows Defender Application Guard, whi...

10CVSS0.80968EPSS
Exploits24
packetstorm
packetstorm
added 2017/01/09 12:0 a.m.165 views

FreePBX Remote Code Execution

Exploit Title: Freepbx coockie recordings injection Google Dork: Ask Santa Date: 23/12/2016 Exploit Author: inj3ctor3 Vendor Homepage: https://www.freepbx.org/ Software Link: ISO LINKS IN SITE https://www.freepbx.org/ Version: ALL && unpatched/ Trixbox/freepbx/elastix/pbxinflash/ Tested on: Cento...

10CVSS9.6AI score0.4299EPSS
Exploits4
thn
thn
added 2017/01/05 12:7 a.m.20 views

Update — Hacker Claims to Have Hacked the FBI, But It Wasn't

Update: A hacker yesterday claimed to have hacked the FBI's website running on Plone CMS, but it seems it wasn't hacked using any zero-day vulnerability in Plone. We contacted Plone security team and updated this story see below with official statements. A hacker, using Twitter handle CyberZeist,...

6.5AI score
Exploits0
thn
thn
added 2016/11/11 7:25 a.m.11 views

Google Pixel Phone and Microsoft Edge Hacked at PwnFest 2016

The brand new Android smartphone launched by Google just a few months back has been hacked by Chinese hackers just in less than a minute. Yes, the Google's latest Pixel smartphone has been hacked by a team white-hat hackers from Qihoo 360, besides at the 2016 PwnFest hacking competition in Seoul...

7.6AI score
Exploits0
threatpost
threatpost
added 2016/11/07 1:50 p.m.59 views

Microsoft Tears off the Band-Aid with EMET

Microsoft last week extended the end-of-life expiration date to July 2018 on its exploit mitigation add-on, the Enhanced Mitigation Experience Toolkit EMET. But for some time, the once-useful tool has been well on its way out to pasture. While EMET was never meant to be anything more than stopgap...

9.3CVSS0.9AI score0.99945EPSS
Exploits33References4
myhack58
myhack58
added 2016/10/13 12:0 a.m.15 views

Microsoft revealed there have been hacker using the Microsoft Edge vulnerability in the attack-vulnerability warning-the black bar safety net

Microsoft today to Windows 7, Windows 8.1, Windows 1 0 and Office to push a security update to fix vulnerabilities. These updates fixes the IE, Microsoft Edge, Office, Windows and Skype Business 4 9 security vulnerabilities. This 4 9 a security vulnerability 5 the vulnerability can be used to...

0.2AI score
Exploits0
thn
thn
added 2016/09/29 8:56 p.m.15 views

Zerodium Offers $1.5 Million Bounty For iOS Zero-Day Exploits

Well, there's some good news for Hackers and Bug hunters, though a terrible news for Apple! Exploit vendor Zerodium has tripled its bug bounty for an Apple's iOS 10 zero-day exploit, offering a maximum payout of $US1.5 Million. Yes, $1,500,000.00 Reward. That's more than seven times what Apple is...

6.8AI score
Exploits0
thn
thn
added 2016/09/19 8:55 p.m.261 views

Cisco finds new Zero-Day Exploit linked to NSA Hackers

Network equipment vendor Cisco is finally warning its customers of another zero-day vulnerability the company discovered in the trove of NSA's hacking exploits and implants leaked by the group calling itself "The Shadow Brokers." Last month, the Shadow Brokers published firewall exploits, implant...

8.5CVSS8.1AI score0.87565EPSS
Exploits14
myhack58
myhack58
added 2016/08/28 12:0 a.m.24 views

IPhone zero-day exploit or by hacking recommended that the user update the system-vulnerability warning-the black bar safety net

The iPhone iOS operating system, there are 3 security vulnerabilities are“zero day”, it will be one sophisticated spyware use of to a particular iPhone user to launch a sustained attack. Apple to this rapid reaction, for security vulnerabilities carried out a System Repair. The researchers...

0.4AI score
Exploits0
myhack58
myhack58
added 2016/07/12 12:0 a.m.21 views

BMW connected car storage 2 items could be used by hackers to steal the vehicle-vulnerability warning-the black bar safety net

According to the American automotive news website autoevolution reports, the BMW ConnectedDrive portal there are two“zero-day exploit”that could be used by hackers to control the multimedia device associated with the vehicle settings. ! BMW connected car storage 2 items could be used by hackers t...

0.7AI score
Exploits0
thn
thn
added 2016/06/02 11:14 p.m.14 views

Hackers Selling Unpatched Microsoft Windows Zero-Day Exploit for $90,000

How much a Windows zero-day exploit that affects all versions of Windows operating system costs on the black market? It's $95,000, at least, for the one recently spotted by security researchers. Researchers from Trustwave's SpiderLabs team have uncovered a zero-day exploit on Russian underground...

7.3AI score
Exploits0
fireeye
fireeye
added 2016/05/13 8:0 p.m.241 views

CVE-2016-4117: Flash Zero-Day Exploited in the Wild

On May 8, 2016, FireEye detected an attack exploiting a previously unknown vulnerability in Adobe Flash Player CVE-2016-4117 and reported the issue to the Adobe Product Security Incident Response Team PSIRT. Adobe released a patch for the vulnerability in APSB16-15 just four days later. Attackers...

10CVSS0.5AI score0.94354EPSS
Exploits6
fireeye
fireeye
added 2016/05/11 3:0 p.m.102 views

Threat Actor Leverages Windows Zero-day Exploit in Payment Card Data Attacks

In March 2016, a financially motivated threat actor launched several tailored spear phishing campaigns primarily targeting the retail, restaurant, and hospitality industries. The emails contained variations of Microsoft Word documents with embedded macros that, when enabled, downloaded and execut...

7.2CVSS8.2AI score0.05729EPSS
Exploits0
Rows per page
Query Builder