Lucene search
K

7 matches found

ThreatPost
ThreatPost
added 2020/04/06 9:5 p.m.199 views

A Brisk Private Trade in Zero-Days Widens Their Use

There were more zero-days exploited in 2019 than any of the previous three years, according to telemetry from FireEye Mandiant. The firm said that’s likely due to more zero-days coming up for sale by cyber-weapons dealers like NSO Group; a growing commercial market has made such tools much more...

7.5CVSS8.8AI score0.72105EPSS
Exploits30References18
The Hacker News
The Hacker News
added 2019/04/09 6:1 p.m.123 views

Microsoft Releases April 2019 Security Updates — Two Flaws Under Active Attack

Microsoft today released its April 2019 software updates to address a total of 74 CVE-listed vulnerabilities in its Windows operating systems and other products, 13 of which are rated critical and rest are rated Important in severity. April 2019 security updates address flaws in Windows OS,...

7.8CVSS2.1AI score0.4523EPSS
Exploits28
ThreatPost
ThreatPost
added 2019/03/13 3:15 p.m.313 views

Threat Groups SandCat, FruityArmor Exploiting Microsoft Win32k Flaw

A newly-patched Microsoft Win32k vulnerability is being exploited in the wild by at least two threat actors, including a recently discovered advanced persistent threat APT group dubbed SandCat. The exploited vulnerability CVE-2019-0797, rated important, was patched on Tuesday as part of Microsoft...

10CVSS0.4AI score0.69833EPSS
Exploits9References10
The Hacker News
The Hacker News
added 2018/12/12 8:48 a.m.176 views

Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack

Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its Windows operating systems and applications—10 of which are rated as critical and other important in severity. One of the security vulnerabilities patched by the tech giant th...

7.8CVSS9.5AI score0.0583EPSS
Exploits0
ThreatPost
ThreatPost
added 2018/10/10 9:52 p.m.331 views

FruityArmor Apt Exploits Yet Another Windows Graphics Kernel Flaw

A just-patched zero-day vulnerability in win32k.sys – the Windows graphics kernel component – is at the heart of a probable sighting of the FruityArmor APT group – an under-the-radar cyberespionage gang active in the Middle East. A recent campaign uncovered by Kaspersky Lab led researchers to the...

7.2CVSS0.2AI score0.69833EPSS
Exploits13References3
ThreatPost
ThreatPost
added 2018/10/09 9:24 p.m.387 views

Microsoft Patches Zero-Day Under Active Attack by APT

Microsoft has issued a patch for a zero-day bug being actively exploited in the wild, as part of its Patch Tuesday security bulletin. The vulnerability is an elevation-of-privilege flaw, rated important, affecting the Windows Win32k component. The zero-day CVE-2018-8453, found by Kaspersky Lab,...

9.3CVSS0.69833EPSS
Exploits12References7
ThreatPost
ThreatPost
added 2016/10/20 7:0 a.m.87 views

FruityArmor APT Group Used Recently Patched Windows Zero Day

One of the four zero-day vulnerabilities Microsoft patched last week was being used by an APT group called FruityArmor to carry out targeted attacks, escape browser-based sandboxes, and execute malicious code in the wild. Anton Ivanov, a researcher at Kaspersky Lab, was credited by Microsoft for...

10CVSS1.7AI score0.68684EPSS
Exploits3References10
Rows per page
Query Builder