Recherche : [0day] - Cyberveille

Where There’s Smoke, There’s Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day https://labs.watchtowr.com/where-theres-smoke-theres-fire-mitel-micollab-cve-2024-35286-cve-2024-41713-and-an-0day/

05/12/2024 16:50:05

Windows Server 2012 Mark of the Web Vulnerability (0day) - and Free Micropatches for it https://blog.0patch.com/2024/11/windows-server-2012-mark-of-web.html

03/12/2024 09:33:44

Our researchers discovered a previously unknown vulnerability on Windows Server 2012 and Server 2012 R2 that allows an attacker to bypass a ...

Gergely's hack blog – badmalloc (CVE-2023-32428) - a macOS LPE https://gergelykalman.com/badmalloc-CVE-2023-32428-a-macos-lpe.html

28/11/2024 10:22:57

I recently realised that I still owe you guys some writeups, so since OBTSv7 is around the corner here's the one for badmalloc. I found this back in March 2023, and it got fixed in October. About the bug There's a bug in MallocStackLogging, Apple's "magical" framework that allows developers …

https://infosec.exchange/@briankrebs/109795710941843934?s=09 https://infosec.exchange/@briankrebs/109795710941843934?s=09

05/02/2023 10:47:36

GoAnywhere MFT, a popular file transfer application, is warning about a zero-day remote code injection exploit. The company said it has temporarily implemented a service outage in response.

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits https://www.microsoft.com/security/blog/2022/07/27/untangling-knotweed-european-private-sector-offensive-actor-using-0-day-exploits/?s=09

28/07/2022 00:40:38

MSTIC and MSRC disclose technical details of a private-sector offensive actor (PSOA) tracked as KNOTWEED using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers.

Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix) https://blog.0patch.com/2022/06/microsoft-diagnostic-tools-dogwalk.html

09/06/2022 08:29:27

With the "Follina" / CVE-2022-30190 0day still hot, i.e., still waiting for an official fix while apparently already getting exploited by nation-backed attackers, another related unfixed vulnerability in Microsoft's Diagnostic Tool (MSDT) bubbled to the surface.

In January 2020, security researcher Imre Rad published an article titled "The trouble with Microsoft’s Troubleshooters," describing a method for having a malicious executable file being saved to user's Startup folder, where it would subsequently get executed upon user's next login. What the user has to do for this to happen is open a "diagcab" file...

Protecting Android users from 0-Day attacks https://blog.google/threat-analysis-group/protecting-android-users-from-0-day-attacks/

22/05/2022 16:26:48

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

Exposing initial access broker with ties to Conti https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/

20/03/2022 10:48:30

Threat Analysis Group (TAG) observed a financially motivated threat actor we refer to as EXOTIC LILY, exploiting a 0day in Microsoft MSHTML (CVE-2021-40444). Investigating this group's activity, we determined they are an Initial Access Broker (IAB) who appear to be working with the Russian cyber crime gang known as FIN12 (Mandiant, FireEye) / WIZARD SPIDER (CrowdStrike).

Liens par page

Filtres