Recherche : [zero-day]

Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem

17/03/2023 21:06:14

A suspected Chinese actor used a zero-day vulnerability in FortiOS and custom malware for espionage.

Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-it-breached-130-orgs-using-goanywhere-zero-day/

19/02/2023 22:10:36

The Clop ransomware gang claims to be behind recent attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organizations.

Apple patches are out – old iPhones get an old zero-day fix at last! https://nakedsecurity.sophos.com/2023/01/24/apple-patches-are-out-old-iphones-get-an-old-zero-day-fix-at-last/

24/01/2023 08:57:50

Don’t delay, especially if you’re still running an iOS 12 device… please do it today!

Jenkins discloses dozens of zero-day bugs in multiple plugins https://www.bleepingcomputer.com/news/security/jenkins-discloses-dozens-of-zero-day-bugs-in-multiple-plugins/

05/01/2023 08:28:08

On Thursday, the Jenkins security team announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open source automation server, 29 of the bugs being zero-days still waiting to be patched.

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange https://securelist.com/cve-2022-41040-and-cve-2022-41082-zero-days-in-ms-exchange/108364/

20/12/2022 17:56:09

At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and CVE-2022-41082. The cybersecurity community dubbed the pair of vulnerabilities ProxyNotShell.

Cisco discloses high-severity IP phone zero-day with exploit code https://www.bleepingcomputer.com/news/security/cisco-discloses-high-severity-ip-phone-zero-day-with-exploit-code/

12/12/2022 15:48:05

Cisco has disclosed today a high-severity zero-day vulnerability affecting the latest generation of its IP phones and exposing them to remote code execution and denial of service (DoS) attacks.

Google pushes emergency Chrome update to fix 8th zero-day in 2022 https://www.bleepingcomputer.com/news/security/google-pushes-emergency-chrome-update-to-fix-8th-zero-day-in-2022/

25/11/2022 11:29:34

Google has released an emergency security update for the desktop version of the Chrome web browser, addressing the eighth zero-day vulnerability exploited in attacks this year.

Apple Fixes Exploited Zero-Day With iOS 16.1 Patch | SecurityWeek.Com https://www.securityweek.com/apple-fixes-exploited-zero-day-ios-161-patch

25/10/2022 09:21:25

Apple confirms the active exploitation of CVE-2022-42827, warning in a barebones advisory that the flaw exposes iPhones and iPads to arbitrary code execution attacks.

Zero-Day Exploitation of Atlassian Confluence https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/

03/06/2022 09:53:27

Over the Memorial Day weekend in the United States, Volexity conducted an incident response investigation involving two Internet-facing web servers belonging to one of its customers that were running Atlassian Confluence Server software. The investigation began after suspicious activity was detected on the hosts, which included JSP webshells being written to disk

Microsoft Zero-Days, Wormable Bugs Spark Concern https://threatpost.com/microsoft-zero-days-wormable-bugs/179273/

13/04/2022 16:10:01

For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow self-propagating exploits.

China-backed APT41 compromised ‘at least’ six US state governments https://techcrunch.com/2022/03/08/apt41-state-governments/

09/03/2022 08:47:52

The prolific China APT41 hacking group, known for carrying out espionage in parallel with financially motivated operations, has compromised multiple U.S. state government networks, according to cybersecurity giant Mandiant. The group — seemingly undeterred by U.S. indictments against five APT41 members in 2020 — conducted a months-long campaign during which it targeted and successfully breached […]

Liens par page

Filtres