Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 2
22 résultats taggé 0-day  ✕
Project Zero: Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
18/03/2023 02:08:53
QRCode
archive.org

In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor. The four most severe of these eighteen vulnerabilities (CVE-2023-24033 and three other vulnerabilities that have yet to be assigned CVE-IDs) allowed for Internet-to-baseband remote code execution. Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim's phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.

googleprojectzero EN 2023 0-day Baseband RCE Vulnerabilities Exynos Samsung
Everything We Know About CVE-2023-23397 https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397?hss_channel=tw-3330464153
17/03/2023 21:07:36
QRCode
archive.org
thumbnail

Huntress is tracking CVE-2023-23397, a 0-day that impacts Microsoft Outlook and requires no user interaction to expose user credential hashes.

huntress EN 2023 CVE-2023-23397 0-day Microsoft Outlook
Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397) https://www.tenable.com/blog/microsofts-march-2023-patch-tuesday-addresses-76-cves-cve-2023-23397
14/03/2023 22:50:06
QRCode
archive.org
thumbnail

Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed.

tenable EN 2023 0-day PatchTuesday zero-days March
Rogue CyberSecurity Company Employee Tried To Sell Powerful, Stolen iPhone Malware For $50-Million https://josephsteinberg.com/rogue-cybersecurity-company-employee-tried-to-sell-powerful-stolen-iphone-malware-for-50-million/
13/03/2023 20:46:28
QRCode
archive.org
thumbnail

An employee of cyberweapon manufacturer, NSO Group, tried to sell advanced malware to unauthorized parties for $50-Million, according to an Israeli indictment unsealed last week against the individual in question. About two years ago, Herzliya-based NSO Group developed a powerful cyberweapon called Pegasus, which operated as malware that exploited three previously unknown vulnerabilities in iPhones […]

josephsteinberg EN 2023 Pegasus Employee NSO sell 0-day
https://infosec.exchange/@briankrebs/109795710941843934?s=09 https://infosec.exchange/@briankrebs/109795710941843934?s=09
05/02/2023 10:47:36
QRCode
archive.org
thumbnail

GoAnywhere MFT, a popular file transfer application, is warning about a zero-day remote code injection exploit. The company said it has temporarily implemented a service outage in response.

GoAnywhere MFT 0day 0-day BrianKrebs exploit
Why would you want to hack Electric Vehicle Charging Stations? https://blog.lukaszolejnik.com/why-would-you-want-to-hack-electric-vehicle-charging-stations/
22/11/2022 21:17:08
QRCode
archive.org
thumbnail

A Russian zero-day exploit purchase site is interested in tools for hacking of Electric Vehicle Charging Stations. This raises a number of questions. Why would anybody want to hack such targets? Also, why would Russian entities (in particular) be interested in such targets? The best answer to these is “good question!”, and let's put politics aside. Let’s explore the potential cybersecurity risks of electric vehicle charging station, assuming the ability of compromising them at a scale, having some kind of tools. It turns out that this is a fascinating security problem!

lukaszolejnik EN 2022 cyber-risk cyberwarfare security 0-day Vehicle Charging Stations
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend https://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend
21/11/2022 09:57:13
QRCode
archive.org
thumbnail

By now you have likely already heard about the in-the-wild exploitation of Exchange Server, chaining CVE-2022-41040 and CVE-2022-41082. It was originally submitted to the ZDI program by the researcher known as “DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q from GTSC”. After successful validation, it was immediately

zerodayinitiative EN 2022 0-day CVE-2022-41040 CVE-2022-41082 PowerShell
Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors | Mandiant https://www.mandiant.com/resources/blog/esxi-hypervisors-malware-persistence
03/10/2022 20:11:54
QRCode
archive.org
thumbnail

Earlier this year, Mandiant identified a novel malware ecosystem impacting VMware ESXi, Linux vCenter servers, and Windows virtual machines that enables a threat actor to take the following actions:

1) Maintain persistent administrative access to the hypervisor
2) Send commands to the hypervisor that will be routed to the guest VM for execution
3) Transfer files between the ESXi hypervisor and guest machines running beneath it
4) Tamper with logging services on the hypervisor

mandiant EN 2022 esxi hypervisors malware BadVIB(E)s 0-day
Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server https://gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html
30/09/2022 09:27:43
QRCode
archive.org
thumbnail

Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure was being attacked, specifically to their Microsoft Exchange application. During the investigation, GTSC Blue Team experts determined that the attack utilized an unpublished Exchange security vulnerability, i.e., a 0-day vulnerability, thus immediately came up with a temporary containment plan.

gteltsc.vn EN 2022 Microsoft-Exchange Exchange 0-day RCE vulnerability campaign IoCs
PSA: Nearly 5 Million Attacks Blocked Targeting 0-Day in BackupBuddy Plugin https://www.wordfence.com/blog/2022/09/psa-nearly-5-million-attacks-blocked-targeting-0-day-in-backupbuddy-plugin/
09/09/2022 15:28:47
QRCode
archive.org
thumbnail

Late evening, on September 6, 2022, the Wordfence Threat Intelligence team was alerted to the presence of a vulnerability being actively exploited in BackupBuddy, a WordPress plugin we estimate has around 140,000 active installations. This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information. ...Read More

wordfence EN 2022 Wordpress vulnerability 0-day BackupBuddy plugin
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits https://www.microsoft.com/security/blog/2022/07/27/untangling-knotweed-european-private-sector-offensive-actor-using-0-day-exploits/?s=09
28/07/2022 00:40:38
QRCode
archive.org
thumbnail

MSTIC and MSRC disclose technical details of a private-sector offensive actor (PSOA) tracked as KNOTWEED using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers.

microsoft EN 2022 KNOTWEED 0day 0-day CVE-2022-22047 spyware PSOA
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day https://googleprojectzero.blogspot.com/2022/06/an-autopsy-on-zombie-in-wild-0-day.html
21/06/2022 08:57:54
QRCode
archive.org

Whenever there’s a new in-the-wild 0-day disclosed, I’m very interested in understanding the root cause of the bug. This allows us to then understand if it was fully fixed, look for variants, and brainstorm new mitigations. This blog is the story of a “zombie” Safari 0-day and how it came back from the dead to be disclosed as exploited in-the-wild in 2022. CVE-2022-22620 was initially fixed in 2013, reintroduced in 2016, and then disclosed as exploited in-the-wild in 2022. If you’re interested in the full root cause analysis for CVE-2022-22620, we’ve published it here.

googleprojectzero EN 2022 0-day Safari CVE-2022-22620 Apple
Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix) https://blog.0patch.com/2022/06/microsoft-diagnostic-tools-dogwalk.html
09/06/2022 08:29:27
QRCode
archive.org
thumbnail

With the "Follina" / CVE-2022-30190 0day still hot, i.e., still waiting for an official fix while apparently already getting exploited by nation-backed attackers, another related unfixed vulnerability in Microsoft's Diagnostic Tool (MSDT) bubbled to the surface.

In January 2020, security researcher Imre Rad published an article titled "The trouble with Microsoft’s Troubleshooters," describing a method for having a malicious executable file being saved to user's Startup folder, where it would subsequently get executed upon user's next login. What the user has to do for this to happen is open a "diagcab" file...

0patch EN 2022 Follina diagcab CVE-2022-30190 0-day 0day Diagnostic research
Put an io_uring on it: Exploiting the Linux Kernel - Blog | https://www.graplsecurity.com/post/iou-ring-exploiting-the-linux-kernel
04/06/2022 17:36:28
QRCode
archive.org

At Grapl we believe that in order to build the best defensive system we need to deeply understand attacker behaviors. As part of that goal we're investing in offensive security research. Keep up with our blog for new research on high risk vulnerabilities, exploitation, and advanced threat tactics.

Graplsecurity en 2022 0-day Linux kernel exploit redteam research
Protecting Android users from 0-Day attacks https://blog.google/threat-analysis-group/protecting-android-users-from-0-day-attacks/
22/05/2022 16:26:48
QRCode
archive.org
thumbnail

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

GoogleTAG EN 2022 EN Android 0-day 0day cytrox CVE-2021-1048 chrome
The More You Know, The More You Know You Don’t Know https://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html
20/04/2022 07:58:06
QRCode
archive.org
thumbnail

A Year in Review of 0-days Used In-the-Wild in 2021

googleprojectzero EN 2022 2021 0-day 0-days Review Year
Chrome Zero-Day Under Active Attack: Patch ASAP | Threatpost https://threatpost.com/google-chrome-zero-day-under-attack/178428/
16/02/2022 20:38:31
QRCode
archive.org
thumbnail

The year's 1st Chrome zero-day can lead to all sorts of misery, ranging from data corruption to the execution of arbitrary code on vulnerable systems.

malware threatpost EN 2022 Chrome 0-day CVE-2022-0609
New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key https://www.bleepingcomputer.com/news/security/new-deadbolt-ransomware-targets-qnap-devices-asks-50-btc-for-master-key/
15/02/2022 20:59:55
QRCode
archive.org
thumbnail

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

DeadBolt NAS QNAP Ransomware EN bleepingcomputer 0-day 2022
Critical Magento 0-Day Vulnerability Under Active Exploitation — Patch Released https://thehackernews.com/2022/02/critical-magento-0-day-vulnerability.html
14/02/2022 08:17:20
QRCode
archive.org

Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild.

CVE-2022-24086 thehackernews EN Magento critical 0-day
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra https://www.volexity.com/blog/2022/02/03/operation-emailthief-active-exploitation-of-zero-day-xss-vulnerability-in-zimbra/
13/02/2022 01:37:20
QRCode
archive.org
thumbnail
Volexity EN Zimbra 0-day TEMP_Heretic
page 1 / 2
1185 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio