Lucene search
K

154 matches found

The Hacker News
The Hacker News
added 2020/11/06 7:48 a.m.6 views

Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered

Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild. Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing...

9.3CVSS7.8AI score0.22178EPSS
Exploits2
NCSC
NCSC
added 2020/11/06 12:0 a.m.7 views

Vulnerabilities fixed in Apple iOS and iPadOS

Vulnerabilities have been fixed in Apple iOS and iPadOS, including three 0-day vulnerabilities. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Increased user...

9.3CVSS7.1AI score0.22178EPSS
Exploits3
ThreatPost
ThreatPost
added 2020/10/05 3:15 p.m.82 views

Tenda Router Zero-Days Emerge in Spyware Botnet Campaign

Two former Tenda router zero-days are anchoring the spread of a Mirai-based botnet called Ttint. In addition to denial-of-service DoS attacks, this variant also has remote-access trojan RAT and spyware capabilities. According to 360Netlab, the botnet is unusual in a few ways. For one, on the RAT...

10CVSS0.6AI score0.79673EPSS
Exploits3References11
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/08/14 1:7 p.m.35 views

This Week in Security News: Microsoft Patches 120 Vulnerabilities, Including Two Zero-Days and Trend Micro Brings DevOps Agility and Automation to Security Operations Through Integration with AWS Solutions

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about one of Microsoft’s largest Patch Tuesday updates ever, including fixes for 120 vulnerabilities and two zero-days. Also, learn abo...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/04/24 5:11 p.m.202 views

News Wrap: Nintendo Account Hacks, Apple Zero Days, NFL Security

For the week ended April 24, Threatpost editors discuss the hottest cybersecurity news stories, including: Apple zero days disclosed in the iPhone iOS that researchers say have been exploited for years. Meanwhile, Apple has pushed back and said there’s no evidence to support such activity. Ninten...

9.9AI score0.26869EPSS
Exploits0References17
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/04/24 10:8 a.m.36 views

This Week in Security News: Security Researcher Discloses Four IBM Zero-Days After Company Refused to Patch and Trend Micro Integrates with Amazon AppFlow

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a security researcher who has published details about four zero-day vulnerabilities impacting an IBM security product after the...

8.2AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2020/04/18 1:0 p.m.17 views

Russian Hackers Went After San Francisco International Airport

Plus: Windows zero days, Covid-19 spam, and more of the week's top security news...

3.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/04/14 6:24 p.m.4 views

Microsoft Issues Patches for 3 Bugs Exploited as Zero-Day in the Wild

It's April 2020 Patch Tuesday , and during these challenging times of coronavirus pandemic, this month's patch management process would not go easy for many organizations where most of the resources are working remotely. Microsoft today released the latest batch of software security updates for a...

8.8CVSS7.8AI score0.69166EPSS
Exploits3
Wired Threat Level
Wired Threat Level
added 2020/03/26 10:30 p.m.40 views

An Elite Spy Group Used 5 Zero-Days to Hack North Koreans

South Korea is a prime suspect for exploiting the secret software vulnerabilities in a sophisticated espionage campaign...

1.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2019/09/13 1:18 p.m.107 views

This Week in Security News: IoT Devices Are a Target in Cybercriminal Underground

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how fileless malware abuses PowerShell. Also, read how Trend Micro researchers are pulling back the curtain on the cybercriminal...

7.6CVSS8.5AI score0.12942EPSS
Exploits0
ThreatPost
ThreatPost
added 2019/09/13 12:50 p.m.143 views

News Wrap: IoT Radio Telnet Backdoor And 'SimJacker' Active Exploit

Threatpost editors break down the biggest news stories of this week ended Sept. 13, including: Researchers warning that more than one billion mobile users are at risk from a SIM card flaw being currently exploited by threat actors A Telnet backdoor opened more than 1 million Imperial Dabman IoT...

7.3AI score0.00786EPSS
Exploits0References15
ThreatPost
ThreatPost
added 2019/09/09 11:35 a.m.49 views

Apple Claims Google is Spreading FUD Over Patched iPhone Bugs

Apple has called out Google for promoting a “false impression” about iOS vulnerabilities the iPhone maker said it fixed in February. It claims Google is unnecessarily panicking Apple customers. On Aug. 29, Ian Beer of Google’s Project Zero published a blog post that took a “very deep dive” into 1...

0.1AI score
Exploits0References4
The Hacker News
The Hacker News
added 2019/09/04 8:34 a.m.128 views

Exploit Reseller Offering Up To $2.5 Million For Android Zero-Days

Well, there's some good news for hackers and vulnerability hunters, though terrible news for Google, Android device manufacturers, and their billions of users worldwide. The zero-day buying and selling industry has recently taken a shift towards Android operating system, offering up to $2.5 milli...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/08/30 5:40 p.m.297 views

Unprecedented new iPhone malware discovered

A post by Ian Beer of Google Project Zero released late yesterday evening sent the security community reeling. According to Beer, a small set of websites had been hacked in February and were being used to attack iPhones, infecting them with malware. These sites, which see thousands of visitors pe...

8.1AI score0.15705EPSS
Exploits2
The Hacker News
The Hacker News
added 2019/08/30 7:33 a.m.2 views

Google Uncovers How Just Visiting Some Sites Were Secretly Hacking iPhones For Years

Beware Apple users! Your iPhone can be hacked just by visiting an innocent-looking website, confirms a terrifying report Google researchers released earlier today. The story goes back to a widespread iPhone hacking campaign that cybersecurity researchers from Google's Project Zero discovered...

9.3CVSS8.5AI score0.15705EPSS
Exploits2
0day.today
0day.today
added 2019/08/29 12:0 a.m.17 views

Jobberbase 2.0 - (subscribe) SQL Injection Exploit

Exploit for php platform in category web applications !/bin/bash Exploit Title: Jobberbase 2.0 - 'subscribe' SQL injection Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: http://www.jobberbase.com/ Version: 2.0 Tested on: Ubuntu 18.04.1 : ' The page "/subscribe/" is...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2019/08/13 8:29 p.m.229 views

Shades of BlueKeep: Wormable Remote Desktop Bugs Top August Patch Tuesday List

Microsoft’s August Patch Tuesday release contains updates for 93 CVEs, including 29 that are rated critical in severity. The highest priority of these include four critical remote code-execution RCE vulnerabilities in Remote Desktop Services RDS and a critical RCE flaw in Microsoft Word. Also, tw...

10CVSS0.1AI score0.75194EPSS
Exploits2References12
Trellix
Trellix
added 2019/04/18 12:0 a.m.16 views

IoT Zero-Days – Is Belkin WeMo Smart Plug the Next Malware Target?

ARCHIVED STORY IoT Zero-Days – Is Belkin WeMo Smart Plug the Next Malware Target? By Steve Povolny · April 18, 2019 Effective malware is typically developed with intention, targeting specific victims using either known or unknown vulnerabilities to achieve its primary functions. In this blog, we...

10CVSS8.7AI score0.03701EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2019/01/17 7:51 p.m.291 views

Improved Fallout EK comes back after short hiatus

Edit 2019-01-24 Fallout EK introduces a new dropper to facilitate the final payload retrieval. This update replaces the plain MZ we saw for a little while. -- After a short hiatus in early January, the Fallout exploit kit is back in business again with some new features for the new year. During i...

10CVSS0.2AI score0.81971EPSS
Exploits13
ThreatPost
ThreatPost
added 2018/08/14 8:42 p.m.100 views

Patch Tuesday: Microsoft Addresses Two Zero-Days in 60-Flaw Roundup

Microsoft has rolled out its August Patch Tuesday fixes, addressing 19 critical vulnerabilities, including fixes for two zero-day vulnerabilities that are under active attack. Overall, the company patched a total of 60 flaws, spanning Microsoft Windows, Edge, Internet Explorer IE, Office, .NET...

10CVSS0.1AI score0.73968EPSS
Exploits1References7
Rows per page
Query Builder