Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 4
67 résultats taggé zero-day  ✕
Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends?hl=en
29/04/2025 14:04:07
QRCode
archive.org
thumbnail

This Google Threat Intelligence Group report presents an analysis of detected 2024 zero-day exploits.

Google Threat Intelligence Group (GTIG) tracked 75 zero-day vulnerabilities exploited in the wild in 2024, a decrease from the number we identified in 2023 (98 vulnerabilities), but still an increase from 2022 (63 vulnerabilities). We divided the reviewed vulnerabilities into two main categories: end-user platforms and products (e.g., mobile devices, operating systems, and browsers) and enterprise-focused technologies, such as security software and appliances.

Vendors continue to drive improvements that make some zero-day exploitation harder, demonstrated by both dwindling numbers across multiple categories and reduced observed attacks against previously popular targets. At the same time, commercial surveillance vendors (CSVs) appear to be increasing their operational security practices, potentially leading to decreased attribution and detection.

We see zero-day exploitation targeting a greater number and wider variety of enterprise-specific technologies, although these technologies still remain a smaller proportion of overall exploitation when compared to end-user technologies. While the historic focus on the exploitation of popular end-user technologies and their users continues, the shift toward increased targeting of enterprise-focused products will require a wider and more diverse set of vendors to increase proactive security measures in order to reduce future zero-day exploitation attempts.

GTIG EN 2025 google 2024 Zero-Day Exploitation Analysis report
SAP fixes suspected Netweaver zero-day exploited in attacks https://www.bleepingcomputer.com/news/security/sap-fixes-suspected-netweaver-zero-day-exploited-in-attacks/
25/04/2025 20:05:47
QRCode
archive.org
thumbnail

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers.

bleepingcomputer EN 2025 Actively-Exploited Authentication-Bypass RCE Remote-Code-Execution SAP Vulnerability Zero-Day
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/
20/04/2025 12:44:39
QRCode
archive.org

A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls.

securityweek EN 2025 Threat-Actor Selling Fortinet Firewall Zero-Day Exploit darkweb
Exploitation of CLFS zero-day leads to ransomware activity https://www.microsoft.com/en-us/security/blog/2025/04/08/exploitation-of-clfs-zero-day-leads-to-ransomware-activity/
13/04/2025 10:54:51
QRCode
archive.org
thumbnail

Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have discovered post-compromise exploitation of a zero-day elevation of privilege vulnerability in the Windows Common Log File System (CLFS) against a small number of targets. The targets include organizations in the information technology (IT) and real estate sectors of the United States, the financial sector in Venezuela, a Spanish software company, and the retail sector in Saudi Arabia. Microsoft released security updates to address the vulnerability, tracked as CVE-2025-29824, on April 8, 2025.

microsoft EN 2025 MSTIC CVE-2025-29824 CLFS zero-day
EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher https://www.bleepingcomputer.com/news/security/encrypthubs-dual-life-cybercriminal-vs-windows-bug-bounty-researcher/
08/04/2025 08:36:46
QRCode
archive.org
thumbnail

EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research.

bleepingcomputer EN 2025 Cybercrime EncryptHub Hacker Microsoft Threat-Actor White-Hat-Hacker Zero-Day
Fortinet discloses second firewall auth bypass patched in January https://www.bleepingcomputer.com/news/security/fortinet-discloses-second-firewall-auth-bypass-patched-in-january/
12/02/2025 08:42:05
QRCode
archive.org
thumbnail

Fortinet has disclosed a second authentication bypass vulnerability that was fixed as part of a January 2025 update for FortiOS and FortiProxy devices.

bleepingcomputer Actively-Exploited Authentication-Bypass Fortinet FortiOS FortiProxy Zero-Day
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks https://www.trendmicro.com/en_us/research/25/a/cve-2025-0411-ukrainian-organizations-targeted.html
07/02/2025 15:36:35
QRCode
archive.org
thumbnail

The ZDI team offers an analysis of how CVE-2025-0411, a zero-day vulnerability in 7-Zip was actively exploited to target Ukrainian organizations through spear-phishing and homoglyph attacks.

trendmicro EN 2025 CVE-2025-0411 Ukraine zero-day 7-Zip Targeted Campaign
U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, Per First-Ever Report https://www.zetter-zeroday.com/u-s-government-disclosed-39-zero-day-vulnerabilities-in-2023-per-first-ever-report/
07/02/2025 13:40:31
QRCode
archive.org
thumbnail

In a first-of-its-kind report, the US government has revealed that it disclosed 39 zero-day software vulnerabilities to vendors or the public in 2023 for the purpose of getting the vulnerabilities patched or mitigated, as opposed to retaining them to use in hacking operations.

It’s the first time the government has revealed specific numbers about its controversial Vulnerabilities Equities Process (VEP) — the process it uses to adjudicate decisions about whether zero-day vulnerabilities it discovers should be kept secret so law enforcement, intelligence agencies, and the military can exploit them in hacking operations or be disclosed to vendors to fix them. Zero-day vulnerabilities are security holes in software that are unknown to the software maker and are therefore unpatched at the time of discovery, making systems that use the software at risk of being hacked by anyone who discovers the flaw.

zetter-zeroday EN 2025 US zero-day disclose VEP Vulnerabilities Report
Active Exploitation of Zero-day Zyxel CPE Vulnerability (CVE-2024-40891) https://www.greynoise.io/blog/active-exploitation-of-zero-day-zyxel-cpe-vulnerability-cve-2024-40891?is=09685296f9ea1fb2ee0963f2febaeb3a55d8fb1eddbb11ed4bd2da49d711f2c7
01/02/2025 10:25:11
QRCode
archive.org
thumbnail

After identifying a significant overlap between IPs exploiting CVE-2024-40891 and those classified as Mirai, the team investigated a recent variant of Mirai and confirmed that the ability to exploit CVE-2024-40891 has been incorporated into some Mirai strains.

‍GreyNoise is observing active exploitation attempts targeting a zero-day critical command injection vulnerability in Zyxel CPE Series devices tracked as CVE-2024-40891. At this time, the vulnerability is not patched, nor has it been publicly disclosed. Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration. At publication, Censys is reporting over 1,500 vulnerable devices online.

greynoise EN 2025 CVE-2024-40891 active exploitation zero-day
Apple fixes this year’s first actively exploited zero-day bug https://www.bleepingcomputer.com/news/security/apple-fixes-this-years-first-actively-exploited-zero-day-bug/
28/01/2025 08:34:50
QRCode
archive.org
thumbnail

​Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users.

bleepingcomputer EN 2025 Actively-Exploited Apple iOS iPhone Zero-Day
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog https://www.rapid7.com/blog/post/2025/01/08/etr-cve-2025-0282-ivanti-connect-secure-zero-day-exploited-in-the-wild/
09/01/2025 08:47:40
QRCode
archive.org
thumbnail

On Wednesday, January 8, 2025, Ivanti disclosed two CVEs affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. CVE-2025-0282 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the target device. CVE-2025-0283 is a stack-based buffer overflow that allows local authenticated attackers to escalate privileges on the device.

rapid7 EN 2025 CVE-2025-0282 zero-day Ivanti CVE-2025-0283 ZTA gateways
2023 Top Routinely Exploited Vulnerabilities | CISA https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
13/11/2024 09:39:18
QRCode
archive.org

In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets. In 2023, the majority of the most frequently exploited vulnerabilities were initially exploited as a zero-day, which is an increase from 2022, when less than half of the top exploited vulnerabilities were exploited as a zero-day.

Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability. The utility of these vulnerabilities declines over time as more systems are patched or replaced. Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities.

cisa EN 2024 zero-day vulnerabilities 2023 Routinely-Exploited
Fortinet FortiManager CVE-2024-47575 Exploited in Zero-Day Attacks https://www.rapid7.com/blog/post/2024/10/23/etr-fortinet-fortimanager-cve-2024-47575-exploited-in-zero-day-attacks/
23/10/2024 18:45:31
QRCode
archive.org
thumbnail

On Wednesday, October 23, 2024, security company Fortinet published an advisory on CVE-2024-47575, a critical zero-day vulnerability affecting their FortiManager network management solution. The vulnerability arises from a missing authentication for a critical function [CWE-306] in the FortiManager fgfmd daemon that allows a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. The vulnerability carries a CVSS v3 score of 9.8.

rapid7 EN 2024 Fortinet FortiManager CVE-2024-47575 Zero-Day
Hackers targeted Android users by exploiting zero-day bug in Qualcomm chips https://techcrunch.com/2024/10/09/hackers-were-targeting-android-users-with-qualcomm-zero-day/
09/10/2024 18:18:48
QRCode
archive.org
thumbnail

EXC: Security researchers at Google and Amnesty International discovered hackers exploiting the bug in an active hacking campaign.

techcrunch EN 2024 Android Qualcomm Zero-Day CVE-2024-43047
Ivanti warns of three more CSA zero-days exploited in attacks https://www.bleepingcomputer.com/news/security/ivanti-warns-of-three-more-csa-zero-days-exploited-in-attacks/
08/10/2024 18:24:32
QRCode
archive.org
thumbnail

American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.

bleepingcomputer EN 2024 Bypass Ivanti Code Command Actively Remote Services Exploited Injection Execution Security Zero-Day CSA Cloud Appliance CVE-2024-9379 CVE-2024-9380 CVE-2024-9381
Rackspace systems hit by zero-day exploit of third-party app • The Register https://www.theregister.com/2024/09/30/rackspace_zero_day_attack/
04/10/2024 13:33:44
QRCode
archive.org
thumbnail

Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry

theregister EN 2024 Rackspace ScienceLogic zero-day exploit
Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes https://www.securityweek.com/microsoft-says-windows-update-zero-day-being-exploited-to-undo-security-fixes/
11/09/2024 21:46:57
QRCode
archive.org

Microsoft on Tuesday raised an alarm for in-the-wild exploitation of a critical flaw in Windows Update, warning that attackers are rolling back security fixes on certain versions of its flagship operating system.

securityweek EN 2024 CVE-2024-43491 Downdate Zero-Day in-the-wild Undo exploitation Windows Update Windows-Update
North Korean threat actor Citrine Sleet exploiting Chromium zero-day https://www.microsoft.com/en-us/security/blog/2024/08/30/north-korean-threat-actor-citrine-sleet-exploiting-chromium-zero-day/
03/09/2024 18:14:10
QRCode
archive.org
thumbnail

Microsoft observed North Korean threat actor Citrine Sleet exploiting the CVE-2024-7971 zero-day vulnerability in Chromium. Citrine Sleet targets the cryptocurrency sector for financial gain.

microsoft EN 2024 CVE-2024-7971 zero-day Chromium North-Korea cryptocurrency
Beware the Unpatchable: Corona Mirai Botnet Spreads via Zero-Day https://www.akamai.com/blog/security-research/2024-corona-mirai-botnet-infects-zero-day-sirt
29/08/2024 16:36:22
QRCode
archive.org
  • The Akamai Security Intelligence and Response Team (SIRT) has observed a botnet campaign that is abusing several previously exploited vulnerabilities, as well as a zero-day vulnerability discovered by the SIRT.

  • CVE-2024-7029 (discovered by Aline Eliovich) is a command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE).

  • Once injected, the botnet spreads a Mirai variant with string names that reference the COVID-19 virus that has been seen since at least 2020.

  • We have included a list of indicators of compromise (IOCs) to assist in defense against this threat.

akamai EN 2024 botnet Mirai AVTECH zero-day vulnerability CCTV CVE-2024-7029
New 0-Day Attacks Linked to China’s ‘Volt Typhoon’ https://krebsonsecurity.com/2024/08/new-0-day-attacks-linked-to-chinas-volt-typhoon/
27/08/2024 17:11:05
QRCode
archive.org

Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S.…

krebsonsecurity EN 2024 Versa-Director zero-day vulnerability Volt-Typhoon
page 1 / 4
4250 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio