Attackers bypass Sandworm patch with new 0-day
The Sandworm vulnerability has been patched, but unfortunately attackers have discovered a way to bypass the patch and continue with their targeted attacks. “As with …
Windows 0-day exploited in ongoing attacks, temporary workarounds offered
Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations …
Microsoft patches two more 0-days actively used by attackers
With this month’s Patch Tuesday, Microsoft has provided patches for several critical vulnerabilities that allow remote code execution, some of which have been or are …
Russian espionage group used Windows 0-day to target NATO, EU
In today’s Patch Tuesday, Microsoft will be releasing a wide variety of patches, and among them will be one for a zero-day vulnerability that has been used in a …
Flawed reused code opens zero-day in Cyanogenmod
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with …
CIA’s venture firm CISO offers singular solutions for cyber problems
In a eclectic keynote delivered to the Black Hat conference audience, Dan Geer, CISO at In-Q-Tel, made known his thoughts on and ideas about a number of things: from Internet …
Symantec issues update fixing Endpoint Protection zero-day
Symantec has issued updates for its Endpoint Protection solution that fix the zero-day escalation of privilege vulnerability recently discovered by Offensive Security …
0-days found in Symantec Endpoint Protection
While testing of the systems and networks of a financial services company, a team of penetration testers from Offensive Security have unearthed a number of vulnerabilities, …
Internet Explorer vulnerabilities increase 100%
Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more …
Critical de-anonymization 0-days found in Tails
Tails, the security-focused Debian-based Linux distribution favoured by Edward Snowden, journalists and privacy-minded users around the world, sports a number of critical …
vBulletin vulnerable to SQL injection
A Romanian hacking community has discovered and responsibly reported a critical SQL injection vulnerability found in the latest version (5.1.2) of the popular web forum …
Google goes to war against zero-days
Google has announced the launch of Project Zero, a dedicated internal team that will concentrate on finding zero-day vulnerabilities in Google’s and third-party software …
Featured news
Resources
Don't miss
- How to map and manage your cyber attack surface with EASM
- Google is making sending end-to-end encrypted emails easy
- North Korean IT workers set their sights on European organizations
- Balancing data protection and clinical usability in healthcare
- BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework