Lucene search
K

184 matches found

ThreatPost
ThreatPost
added 2020/04/06 3:55 p.m.91 views

Government VPN Servers Targeted in Zero-Day Attack

As the Chinese government turns to virtual private networks VPNs to provide access to official resources for those working remotely amid the COVID-19 pandemic, the DarkHotel APT has seized the opportunity to target those VPNs in a zero-day attack, researchers said. According to security analysts...

0.9AI score
Exploits0References14
Imperva Blog
Imperva Blog
added 2020/01/19 3:0 p.m.505 views

Imperva Mitigates Exploits of Citrix Vulnerability – Right Out of the Box

On December 17, Citrix issued a Security Bulletin on an unauthenticated remote code execution vulnerability CVE-2019-19781 affecting its Citrix Application Delivery Controller ADC - formerly known as NetScaler ADC - and its Citrix Gateway - formerly known as NetScaler Gateway. At the time of the...

7.5CVSS10AI score0.99999EPSS
Exploits48
ThreatPost
ThreatPost
added 2019/12/30 2:0 p.m.56 views

Top Mobile Security Stories of 2019

Top Mobile Security Stories of 2019 Cybercriminals are increasingly and successfully targeting mobile users, as our look back on the Top 10 2019 mobile security stories show. For enterprises that are embracing an ever-more-mobile workforce, escalating mobile attack vectors significantly widen the...

0.1AI score
Exploits0References37
ThreatPost
ThreatPost
added 2019/12/16 2:0 p.m.63 views

Understanding the Risk of Zero-Day Exploits

To protect your home from thieves, the easiest thing you can do is lock your windows and doors every time you leave the house. Similarly, in cybersecurity, the easiest way to protect your network is to keep your hardware and applications up to date with the latest security patches. But how do you...

0.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/09/06 7:18 p.m.225 views

China's APT3 Pilfers Cyberweapons from the NSA

The advanced persistent threat APT group known as APT3, which researchers across the board link to the Chinese government, has built a full in-house battery of exploits and cybertools collectively dubbed “UPSynergy.” An analysis of the toolkit has uncovered a geopolitical cat-and-mouse spy game: ...

9.3CVSS7.9AI score0.93307EPSS
Exploits46References8
ThreatPost
ThreatPost
added 2019/09/04 2:33 p.m.82 views

Android Zero-Days Now Worth More Than iPhone Exploits

An Android zero-day exploit is now worth more than one for the iPhone on the global cyberweapons market. Exploit acquisition vendor Zerodium said Tuesday that it is willing to pay a whopping $2.5 million for a zero-click Android zero-day with persistence. That number significantly increases the...

7.3AI score
Exploits0References10
The Hacker News
The Hacker News
added 2019/06/07 10:46 a.m.198 views

Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw

An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system. SandboxEscaper is known for publicly dropping zero-day...

7.8CVSS7.1AI score0.414EPSS
Exploits19
The Hacker News
The Hacker News
added 2019/05/23 6:56 a.m.1 views

Update: Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours

Less than 24 hours after publicly disclosing an unpatched zero-day vulnerability in Windows 10, the anonymous hacker going by online alias "SandboxEscaper" has now dropped new exploits for two more unpatched Microsoft zero-day vulnerabilities. The two new zero-day vulnerabilities affect Microsoft...

7.8CVSS7.6AI score0.414EPSS
Exploits20
Positive Technologies
Positive Technologies
added 2019/04/09 12:0 a.m.4 views

PT-2019-1798 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to errors in handling hard links in the Windows AppX Deployment Service AppXSVC, which can be exploited by an attacker to elevate their privileges using a...

7.8CVSS8.7AI score0.414EPSS
Exploits19References36
The Hacker News
The Hacker News
added 2019/01/15 9:57 a.m.138 views

Unpatched vCard Flaw Could Let Attackers Hack Your Windows PCs

A zero-day vulnerability has been discovered and reported in the Microsoft's Windows operating system that, under a certain scenario, could allow a remote attacker to execute arbitrary code on Windows machine. Discovered by security researcher John Page @hyp3rlinx, the vulnerability was reported ...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2018/12/06 11:22 a.m.156 views

New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

Cybersecurity researchers have discovered a new zero-day vulnerability in Adobe Flash Player that hackers are actively exploiting in the wild as part of a targeted campaign appears to be attacking a Russian state health care institution. The vulnerability, tracked as CVE-2018-15982, is a...

10CVSS1.8AI score0.81844EPSS
Exploits13
The Hacker News
The Hacker News
added 2018/10/24 8:50 a.m.801 views

Hacker Discloses New Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability. SandboxEscaper posted a link to a Github page hosti...

2.5AI score
Exploits0
The Hacker News
The Hacker News
added 2018/10/24 8:50 a.m.1 views

Hacker Discloses New Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability. SandboxEscaper posted a link to a Github page hosti...

6.6AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/10/11 7:34 a.m.72 views

Patch Tuesday, October 2018 Edition

Microsoft this week released software updates to fix roughly 50 security problems with various versions of its Windows operating system and related software, including one flaw that is already being exploited and another for which exploit code is publicly available. The zero-day bug --...

0.3AI score0.69833EPSS
Exploits11
Securelist
Securelist
added 2018/10/10 7:0 a.m.1568 views

Zero-day exploit (CVE-2018-8453) used in targeted attacks

Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August. We reported this vulnerability to Microsoft on August 17, 2018. Microsoft confirmed the vulnerability and designated it...

7.2CVSS0.3AI score0.69833EPSS
Exploits13
The Hacker News
The Hacker News
added 2018/09/10 7:7 p.m.1 views

Tor Browser Zero-Day Exploit Revealed Online – Patch Now

Zerodium, the infamous exploit vendor that earlier this year offered $1 million for submitting a zero-day exploit for Tor Browser, today publicly revealed a critical zero-day flaw in the anonymous browsing software that could reveal your identity to the sites you visit. In a Tweet, Zerodium share...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2018/09/10 7:7 p.m.193 views

Tor Browser Zero-Day Exploit Revealed Online – Patch Now

Zerodium, the infamous exploit vendor that earlier this year offered $1 million for submitting a zero-day exploit for Tor Browser, today publicly revealed a critical zero-day flaw in the anonymous browsing software that could reveal your identity to the sites you visit. In a Tweet, Zerodium share...

Exploits0
ThreatPost
ThreatPost
added 2018/07/17 6:27 p.m.12 views

Recent Andariel Group ActiveX Attacks Point to Future Targets

Researchers say that the North Korea-linked Andariel hacking group may be looking to switch up its targets, based on key changes in its script found on recently compromised websites. The Andariel group is associated with the infamous Lazarus Group, North Korea’s cyber-espionage unit. Andariel has...

7AI score
Exploits0References4
Securelist
Securelist
added 2018/07/10 10:0 a.m.530 views

APT Trends Report Q2 2018

In the second quarter of 2017, Kaspersky Lab's Global Research and Analysis Team GReAT began publishing summaries of the quarter's private threat intelligence reports, in an effort to make the public aware of the research we have been conducting. This report serves as the latest installment,...

10CVSS9.3AI score0.94354EPSS
Exploits34
The Hacker News
The Hacker News
added 2018/06/07 3:51 p.m.119 views

Adobe Issues Patch for Actively Exploited Flash Player Zero-Day Exploit

If you have already uninstalled Flash player, well done! But if you haven't, here's another great reason for ditching it. Adobe has released a security patch update for a critical vulnerability in its Flash Player software that is actively being exploited in the wild by hackers in targeted attack...

10CVSS1.4AI score0.25353EPSS
Exploits0
Rows per page
Query Builder