-
New Android NoviSpy spyware linked to Qualcomm zero-day bugs
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named 'NoviSpy,' used to spy on activists, journalists, and protestors.
- December 16, 2024
- 10:06 AM
2
-
Cleo patches critical zero-day exploited in data theft attacks
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks.
- December 12, 2024
- 12:03 PM
0
-
How Black Rifle Coffee slashed offboarding from weeks to minutes
Manual IAM processes slow down IT and introduce risk.
In this webinar, see how Black Rifle Coffee leverages automation to reduce offboarding time from weeks to minutes, save 120 hours of analyst time, and strengthen their security posture - all without adding headcount.
-
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws
Today is Microsoft's December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability.
- December 10, 2024
- 01:33 PM
- 2
-
US sanctions Chinese firm for hacking firewalls in ransomware attacks
The U.S. Treasury Department has sanctioned Chinese cybersecurity company Sichuan Silence and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020.
- December 10, 2024
- 11:37 AM
- 0
-
New Windows zero-day exposes NTLM credentials, gets unofficial patch
A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer.
- December 06, 2024
- 11:32 AM
- 6
-
Mitel MiCollab zero-day flaw gets proof-of-concept exploit
Researchers have uncovered an arbitrary file read zero-day in the Mitel MiCollab collaboration platform, allowing attackers to access files on a server's filesystem.
- December 05, 2024
- 06:00 AM
- 0
-
Japan warns of IO-Data zero-day router flaws exploited in attacks
Japan's CERT is warning that hackers are exploiting zero-day vulnerabilities in I-O Data router devices to modify device settings, execute commands, or even turn off the firewall.
- December 04, 2024
- 10:28 AM
- 0
-
New Windows Server 2012 zero-day gets free, unofficial patches
Free unofficial security patches have been released through the 0patch platform to address a zero-day vulnerability introduced over two years ago in the Windows Mark of the Web (MotW) security mechanism.
- November 29, 2024
- 12:00 PM
- 1
-
Firefox and Windows zero-days exploited by Russian RomCom hackers
Russian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America.
- November 26, 2024
- 07:13 AM
- 3
-
Over 2,000 Palo Alto firewalls hacked using recently patched bugs
Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities.
- November 21, 2024
- 02:46 PM
- 0
-
Apple fixes two zero-days used in attacks on Intel-based Macs
Apple released emergency security updates to fix two zero-day vulnerabilities that were exploited in attacks on Intel-based Mac systems.
- November 19, 2024
- 04:52 PM
- 0
-
Palo Alto Networks patches two firewall zero-days used in attacks
Palo Alto Networks has finally released security updates for an actively exploited zero-day vulnerability in its Next-Generation Firewalls (NGFW).
- November 18, 2024
- 03:50 PM
- 0
-
Botnet exploits GeoVision zero-day to install Mirai malware
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks.
- November 15, 2024
- 02:39 PM
- 0
-
Palo Alto Networks warns of critical RCE zero-day exploited in attacks
Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as 'PAN-SA-2024-0015,' is actively being exploited in attacks.
- November 15, 2024
- 09:44 AM
- 0
-
Microsoft patches Windows zero-day exploited in attacks on Ukraine
Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities.
- November 13, 2024
- 04:33 PM
- 0
-
Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws
Today is Microsoft's November 2024 Patch Tuesday, which includes security updates for 89 flaws, including four zero-days, two of which are actively exploited.
- November 12, 2024
- 02:00 PM
- 5
-
Google fixes two Android zero-days used in targeted attacks
Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities.
- November 05, 2024
- 09:30 AM
- 0
-
Synology hurries out patches for zero-days exploited at Pwn2Own
Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week's Pwn2Own hacking competition within days.
- November 01, 2024
- 12:38 PM
- 0
-
Sophos reveals 5-year battle with Chinese hackers attacking network devices
Sophos disclosed today a series of reports dubbed "Pacific Rim" that detail how the cybersecurity company has been sparring with Chinese threat actors for over 5 years as they increasingly targeted networking devices worldwide, including those from Sophos.
- October 31, 2024
- 06:16 PM
- 2
-
Hackers target critical zero-day vulnerability in PTZ cameras
Hackers are attempting to exploit two zero-day vulnerabilities in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras used in industrial, healthcare, business conferences, government, and courtroom settings.
- October 31, 2024
- 02:23 PM
- 0
