Search cyberveille.decio.ch

Found 57 bookmarks

Custom sorting

Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)

On April 10, 2024, Volexity identified zero-day exploitation of a vulnerability found within the GlobalProtect feature of Palo Alto Networks PAN-OS at one of its network security monitoring (NSM) customers. Volexity received alerts regarding suspect network traffic emanating from the customer’s firewall. A subsequent investigation determined the device had been compromised. The following day, April 11, 2024, Volexity observed further, identical exploitation at another one of its NSM customers by the same threat actor.

#volexity #EN #2024 #Zero-Day #Exploitation #RCE #GlobalProtect #CVE-2024-3400

·volexity.com·Apr 13, 2024

Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)

Google fixes two Pixel zero-day flaws exploited by forensics firms

Google has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.

#bleepingcomputer #EN #2024 #Android #Forensics #Google #Google-Pixel #Mobile #Pixel #Vulnerability #Zero-Day #GrapheneOS

·bleepingcomputer.com·Apr 3, 2024

Google fixes two Pixel zero-day flaws exploited by forensics firms

Google: Spyware vendors behind 50% of zero-days exploited in 2023

Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.

#bleepingcomputer #EN #2024 #Google #Google-TAG #Mandiant #Spyware #Zero-Day #2023

·bleepingcomputer.com·Mar 27, 2024

Google: Spyware vendors behind 50% of zero-days exploited in 2023

Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver

On the first day of Pwn2Own Vancouver 2024, contestants demoed Windows 11, Tesla, and Ubuntu Linux zero-day vulnerabilities and exploit chains to win $732,500 and a Tesla Model 3 car.

#bleepingcomputer #EN #2024 #Competition #Exploit #Hacking #Linux #Pwn2Own #Tesla #Windows #Windows-11 #Zero-Day

·bleepingcomputer.com·Mar 21, 2024

Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver

How Memory Forensics Revealed Exploitation of Ivanti Connect Secure VPN Zero-Day Vulnerabilities

Volexity regularly prioritizes memory forensics when responding to incidents. This strategy improves investigative capabilities in many ways across Windows, Linux, and macOS. This blog post highlights some specific ways memory forensics played a key role in determining how two zero-day vulnerabilities were being chained together to achieve unauthenticated remote code execution in Ivanti Connect Secure VPN devices.

#volexity #EN #2024 #Ivanti #Connect #Secure #VPN #Zero-Day #Vulnerabilities

·volexity.com·Feb 1, 2024

How Memory Forensics Revealed Exploitation of Ivanti Connect Secure VPN Zero-Day Vulnerabilities

The biggest cybersecurity and cyberattack stories of 2023

2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities.

#bleepingcomputer #EN #2023 #Cyberattack #Cybercrime #Data-Breach #Law-Enforcement #Zero-Day #retrospective

·bleepingcomputer.com·Jan 3, 2024

The biggest cybersecurity and cyberattack stories of 2023

InfectedSlurs Botnet Spreads Mirai via Zero-Days

Akamai SIRT has uncovered two zero-day vulnerabilities that are being actively exploited to spread a Mirai variant in the wild.

#akamai #EN #2023 #Research #Threat-Intelligence #botnet #zero-day #mirai #china-cat

·akamai.com·Nov 22, 2023

InfectedSlurs Botnet Spreads Mirai via Zero-Days

New Microsoft Exchange zero-days allow RCE, data theft attacks

Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.

#bleepingcomputer #EN #2023 #Microsoft #Exchange #RCE #zero-day #ZDI

·bleepingcomputer.com·Nov 4, 2023

New Microsoft Exchange zero-days allow RCE, data theft attacks

European govt email servers hacked using Roundcube zero-day

The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks.

#Cyber-espionage #Email #Europe #Government #Roundcube #Russia #Winter-Vivern #XSS #Zero-Day #CVE-2023-5631

·bleepingcomputer.com·Oct 27, 2023

European govt email servers hacked using Roundcube zero-day

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET Research discover campaigns by the Winter Vivern APT group that exploit a zero-day XSS vulnerability in the Roundcube Webmail server and target governmental entities and a think tank in Europe.

#welivesecurity #ESET #2023 #EN #WinterVivern #APT #zero-day #XSS #vulnerability #Roundcube

·welivesecurity.com·Oct 27, 2023

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.

#bleepingcomputer #EN #2023 #Cisco #IOS-XE #Zero-Day #CVE-2023-20273

·bleepingcomputer.com·Oct 21, 2023

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

Hackers exploit critical flaw in WordPress Royal Elementor plugin

A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited by two WordPress security teams.

#bleepingcomputer #EN #2023 #WordPress #Zero-Day #Elementor #0-Day #CVE-2023-5360

·bleepingcomputer.com·Oct 17, 2023

Hackers exploit critical flaw in WordPress Royal Elementor plugin

Sony confirms data breach impacting thousands in the U.S.

Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information.

#bleepingcomputer #EN #2023 #Clop #Data-Breach #Data-Leak #MOVEit #MOVEit-Transfer #Ransomware #Sony #Zero-Day

·bleepingcomputer.com·Oct 4, 2023

Sony confirms data breach impacting thousands in the U.S.

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.

#bleepingcomputer #EN #2023 #Actively-Exploited #Android #Mobile #Qualcomm #Vulnerability #Zero-Day #GPU #Adreno

·bleepingcomputer.com·Oct 3, 2023

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

Cisco urges admins to fix IOS software zero-day exploited in attacks

Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild.

#bleepingcomputer #Cisco #Warning #Zero-Day #Security #InfoSec #Computer-Security #CVE-2023-20109

·bleepingcomputer.com·Oct 2, 2023

Cisco urges admins to fix IOS software zero-day exploited in attacks

Apple discloses 2 new zero-days exploited to attack iPhones, Macs

Apple released emergency security updates to fix two new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 13 exploited zero-days patched since the start of the year.

#bleepingcomputer #EN #2023 #Apple #Apple-Watch #Code-Execution #iOS #iPhone #Mac #watchOS #Zero-Day

·bleepingcomputer.com·Sep 7, 2023

Apple discloses 2 new zero-days exploited to attack iPhones, Macs

Ivanti warns of new actively exploited MobileIron zero-day bug

US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild.

#bleepingcomputer #Ivanti #Actively-Exploited #Authentication-Bypass #MobileIron #Warning #Zero-Day #0-day

·bleepingcomputer.com·Aug 21, 2023

Ivanti warns of new actively exploited MobileIron zero-day bug

Critical Infrastructure Companies Warned to Watch for Ongoing Cyberattack

Hackers exploited a ‘zero-day’ flaw in Ivanti software to breach 12 ministries in Norway Norway’s security officials warned around 20 critical infrastructure companies, other businesses and public agencies in the country they might also be vulnerable to a cyberattack disclosed Monday that hit 12 government ministries.

#wsj #EN #2023 #zero-day #Ivanti #Norway

·wsj.com·Jul 30, 2023

Critical Infrastructure Companies Warned to Watch for Ongoing Cyberattack

Apple releases emergency update to fix zero-day exploited in attacks

Apple has issued a new round of Rapid Security Response (RSR) updates to address a new zero-day bug exploited in attacks and impacting fully-patched iPhones, Macs, and iPads.

#bleepingcomputer #EN #2023 #CVE-2023-37450 #Apple #iOS #iPad #iPhone #Mac #macOS #Rapid-Security-Response #Zero-Day

·bleepingcomputer.com·Jul 12, 2023

Apple releases emergency update to fix zero-day exploited in attacks

VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors

Additional techniques UNC3886 utilized across multiple organizations to evade EDR solutions.

#mandiant #EN #2023 #ESXi #Zero-Day #CVE-2023-20867 #CVE-2022-22948 #VMware

·mandiant.com·Jun 27, 2023

VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors

Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China

Mandiant is investigating a Barracuda ESG appliance zero-day vulnerability being exploited in the wild.

#mandiant #EN #2023 #Barracuda #ESG #Zero-Day #CVE-2023-2868 #China

·mandiant.com·Jun 15, 2023

Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China

Apple fixes three new zero-days exploited to hack iPhones, Macs

Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads.

#bleepingcomputer #EN #2023 #Apple #iOS #iPhone #Mac #macOS #WebKit #Zero-Day

·bleepingcomputer.com·May 23, 2023

Apple fixes three new zero-days exploited to hack iPhones, Macs

Critical Vulnerabilities in PaperCut Print Management Software

Our team is tracking in-the-wild exploitation of zero-day vulnerabilities against PaperCut MF/NG which allow for unauthenticated remote code execution due to an authentication bypass.

#huntress #EN #2023 #PaperCut #zero-day #RCE #Print #Management #Software

·huntress.com·Apr 21, 2023

Critical Vulnerabilities in PaperCut Print Management Software

Google Chrome emergency update fixes first zero-day of 2023

Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year.

#bleepingcomputer #EN #2023 #0-day #vulnerability #Emergency-Update #Chrome #Browser #Zero-Day

·bleepingcomputer.com·Apr 16, 2023

Google Chrome emergency update fixes first zero-day of 2023

Nokoyawa ransomware attacks with Windows zero-day

in February 2023, Kaspersky technologies detected a number of attempts to execute similar elevation-of-privilege exploits on Microsoft Windows servers belonging to small and medium-sized businesses in the Middle East, in North America, and previously in Asia regions. These exploits were very similar to already known Common Log File System (CLFS) driver exploits that we analyzed previously, but we decided to double check and it was worth it – one of the exploits turned out to be a zero-day, supporting different versions and builds of Windows, including Windows 11. The exploit was highly obfuscated with more than 80% of the its code being “junk” elegantly compiled into the binary, but we quickly fully reverse-engineered it and reported our findings to Microsoft. Microsoft assigned CVE-2023-28252 to the Common Log File System elevation-of-privilege vulnerability, and a patch was released on April 11, 2023, as part of April Patch Tuesday.

#securelist #EN #2023 #Nokoyawa #zero-day #Kaspersky #CVE-2023-28252 #analysis #ransomware #CLFS

·securelist.com·Apr 12, 2023

Nokoyawa ransomware attacks with Windows zero-day

Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)

Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day

#tenable #EN #2023 #PatchTuesday #april #zero-day #microsoft #list

·tenable.com·Apr 12, 2023

Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)

Apple fixes two zero-days exploited to hack iPhones and Macs

Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads.

#Apple #EN #2023 #updates #zero-day #vulnerabilities #ios #macos

·bleepingcomputer.com·Apr 7, 2023

Apple fixes two zero-days exploited to hack iPhones and Macs

Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace

Mandiant tracked 55 zero-day vulnerabilities that we judge were exploited in 2022. Although this count is lower than the record-breaking 81 zero-days exploited in 2021, it still represents almost triple the number from 2020. * Chinese state-sponsored cyber espionage groups exploited more zero-days than other cyber espionage actors in 2022, which is consistent with previous years. * We identified four zero-day vulnerabilities exploited by financially motivated threat actors. 75% of these instances appear to be linked to ransomware operations. * Products from Microsoft, Google, and Apple made up the majority of zero-day vulnerabilities in 2022, consistent with previous years. The most exploited product types were operating systems (OS) (19), followed by browsers (11), security, IT, and network management products (10), and mobile OS (6).

#mandiant #EN #2022 #2023 #zero-day #zero-days #vulnerabilities #exploited #review

·mandiant.com·Mar 22, 2023

Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace

Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation

A suspected Chinese actor used a zero-day vulnerability in FortiOS and custom malware for espionage.

#mandiant #EN #2023 #zero-day #FortiOS #China #malware #Suspected

·mandiant.com·Mar 17, 2023

Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation

Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day

The Clop ransomware gang claims to be behind recent attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organizations.

#bleepingcomputer #EN #2023 #Clop #ransomware #GoAnywhere #zero-day

·bleepingcomputer.com·Feb 19, 2023

Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day