Search cyberveille.decio.ch

Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix)

With the "Follina" / CVE-2022-30190 0day still hot, i.e., still waiting for an official fix while apparently already getting exploited by nation-backed attackers, another related unfixed vulnerability in Microsoft's Diagnostic Tool (MSDT) bubbled to the surface. In January 2020, security researcher Imre Rad published an article titled "The trouble with Microsoft’s Troubleshooters," describing a method for having a malicious executable file being saved to user's Startup folder, where it would subsequently get executed upon user's next login. What the user has to do for this to happen is open a "diagcab" file...

#0patch #EN #2022 #Follina #diagcab #CVE-2022-30190 #0-day #0day #Diagnostic #research

·blog.0patch.com·Jun 9, 2022

Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix)

Protecting Android users from 0-Day attacks

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

#GoogleTAG #EN #2022 #Android #0-day #0day #cytrox #CVE-2021-1048 #chrome

·blog.google·May 22, 2022

Protecting Android users from 0-Day attacks

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

Google Project Zero: Vendors are now quicker at fixing zero-days

Google's Project Zero has published a report showing that organizations took less time to address the zero-day vulnerabilities that the team reported last year.

#googleprojectzero #EN #0-day #metrics #bleepingcomputer

·bleepingcomputer.com·Feb 11, 2022

Google Project Zero: Vendors are now quicker at fixing zero-days

Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet | Ars Technica

Internet scans show 7,000 devices may be vulnerable. The true number could be higher.

#arstechnica #EN #2023 #0-day #routers #cameras #mirai

·arstechnica.com·Nov 24, 2023

Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet | Ars Technica

Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix)

With the "Follina" / CVE-2022-30190 0day still hot, i.e., still waiting for an official fix while apparently already getting exploited by nation-backed attackers, another related unfixed vulnerability in Microsoft's Diagnostic Tool (MSDT) bubbled to the surface. In January 2020, security researcher Imre Rad published an article titled "The trouble with Microsoft’s Troubleshooters," describing a method for having a malicious executable file being saved to user's Startup folder, where it would subsequently get executed upon user's next login. What the user has to do for this to happen is open a "diagcab" file...

#0patch #EN #2022 #Follina #diagcab #CVE-2022-30190 #0-day #0day #Diagnostic #research

·blog.0patch.com·Jun 9, 2022

Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix)

Protecting Android users from 0-Day attacks

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

#GoogleTAG #EN #2022 #Android #0-day #0day #cytrox #CVE-2021-1048 #chrome

·blog.google·May 22, 2022

Protecting Android users from 0-Day attacks

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

Google Project Zero: Vendors are now quicker at fixing zero-days

Google's Project Zero has published a report showing that organizations took less time to address the zero-day vulnerabilities that the team reported last year.

#googleprojectzero #EN #0-day #metrics #bleepingcomputer

·bleepingcomputer.com·Feb 11, 2022

Google Project Zero: Vendors are now quicker at fixing zero-days

Zimbra 0-day used to target international government organizations

TAG’s discovery of a 0-day exploit used to steal email data from international government organizations.

#blog.google #EN #2023 #Zimbra #0-day #government #TAG #exploit #XSS #CVE-2023-37580

·blog.google·Nov 16, 2023

Zimbra 0-day used to target international government organizations

SysAid Zero-Day Vulnerability Exploited by Ransomware Group - SecurityWeek

CVE-2023-47246, a zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates.

#securityweek #EN #2023 #SysAid #CVE-2023-47246 #0-day

·securityweek.com·Nov 9, 2023

SysAid Zero-Day Vulnerability Exploited by Ransomware Group - SecurityWeek

ZDI-23-1578 | Zero Day Initiative

(0Day) Microsoft Exchange ChainedSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability

#zerodayinitiative #EN #2023 #0-Day #Microsoft #Exchange #ChainedSerializationBinder #Deserialization #RCE

·zerodayinitiative.com·Nov 4, 2023

ZDI-23-1578 | Zero Day Initiative

Hackers exploit critical flaw in WordPress Royal Elementor plugin

A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited by two WordPress security teams.

#bleepingcomputer #EN #2023 #WordPress #Zero-Day #Elementor #0-Day #CVE-2023-5360

·bleepingcomputer.com·Oct 17, 2023

Hackers exploit critical flaw in WordPress Royal Elementor plugin

CVE: Zero-Day Privilege Escalation in Confluence Server & Data Center

On 10/4/2023, Atlassian published a security advisory on CVE-2023-22515, a privilege escalation vulnerability affecting Confluence Server & Data Center.

#rapid7 #EN #2023 #Atlassian #Confluence #cve-2023-22515 #0-Day

·rapid7.com·Oct 4, 2023

CVE: Zero-Day Privilege Escalation in Confluence Server & Data Center

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the Citizen Lab said, attributing the attack with high confidence to the Egyptian government owing to it being a known customer of the commercial spying tool.

#thehackernews #EN #2023 #0-day #0-days #Predator #Egypt #Apple #CitizenLab #CVE-2023-41991 #CVE-2023-41992 #CVE-2023-41993

·thehackernews.com·Sep 23, 2023

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware

Apple emergency updates fix 3 new zero-days exploited in attacks

Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year.

#bleepingcomputer #Apple #iPhone #Mac #EN #2023 #0-day #CVE-2023-41993 #CVE-2023-41991

·bleepingcomputer.com·Sep 21, 2023

Apple emergency updates fix 3 new zero-days exploited in attacks

North Korea-backed hackers target security researchers with 0-day

Google researchers say currently unfixed vulnerability affects a popular software package.

#arstechnica #EN #2023 #North-Korea #security #researchers #0-day #popular #software

·arstechnica.com·Sep 11, 2023

North Korea-backed hackers target security researchers with 0-day

Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)

UNC4841 has continued operations despite Barracuda ESG zero-day remediation efforts.

#mandiant #EN #2023 #UNC4841 #Barracuda #ESG #0-day #CVE-2023-2868

·mandiant.com·Aug 29, 2023

Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April | Ars Technica

Vulnerability allows hackers to execute malicious code when targets open malicious ZIP files.

#arstechnica #EN #WinRAR #0-day #CVE-2023-38831

·arstechnica.com·Aug 24, 2023

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April | Ars Technica

macOS 0day: App Management

App Management is a new macOS security feature in Ventura introduced at WWDC last year: If an app is modified by something that isn't signed by the same development team and isn't allowed by an NSUpdateSecurityPolicy, macOS will block the modification and notify the user that an app wants to manage other apps. Clicking on the notification sends people to System Settings, where they can allow an app to update and modify other apps.

#lapcatsoftware #EN #2023 #macOS #0-day #AppManagement

·lapcatsoftware.com·Aug 22, 2023

macOS 0day: App Management

Ivanti warns of new actively exploited MobileIron zero-day bug

US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild.

#bleepingcomputer #Ivanti #Actively-Exploited #Authentication-Bypass #MobileIron #Warning #Zero-Day #0-day

·bleepingcomputer.com·Aug 21, 2023

Ivanti warns of new actively exploited MobileIron zero-day bug

Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix)

With the "Follina" / CVE-2022-30190 0day still hot, i.e., still waiting for an official fix while apparently already getting exploited by nation-backed attackers, another related unfixed vulnerability in Microsoft's Diagnostic Tool (MSDT) bubbled to the surface. In January 2020, security researcher Imre Rad published an article titled "The trouble with Microsoft’s Troubleshooters," describing a method for having a malicious executable file being saved to user's Startup folder, where it would subsequently get executed upon user's next login. What the user has to do for this to happen is open a "diagcab" file...

#0patch #EN #2022 #Follina #diagcab #CVE-2022-30190 #0-day #0day #Diagnostic #research

·blog.0patch.com·Jun 9, 2022

Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix)

Protecting Android users from 0-Day attacks

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

#GoogleTAG #EN #2022 #Android #0-day #0day #cytrox #CVE-2021-1048 #chrome

·blog.google·May 22, 2022

Protecting Android users from 0-Day attacks

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

Google Project Zero: Vendors are now quicker at fixing zero-days

Google's Project Zero has published a report showing that organizations took less time to address the zero-day vulnerabilities that the team reported last year.

#googleprojectzero #EN #0-day #metrics #bleepingcomputer

·bleepingcomputer.com·Feb 11, 2022

Google Project Zero: Vendors are now quicker at fixing zero-days

Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362)

On May 31, threat actors were discovered targeting a critical zero day in MOVEit Transfer software resulting in escalated privileges and unauthorized data access. The vulnerability being exploited is an SQL injection and has since been patched. Resources links, including one for the patch, are at the bottom of this post.

#trustwave #EN #2023 #0-day #MOVEit #CVE-2023-34362 #analysis

·trustwave.com·Jun 6, 2023

Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362)