Tag: zero day

Here you will find all the articles with the tag: zero day.

Lazarus Group strikes at kernel level via Windows AppLocker driver

Lazarus Group strikes at kernel level via Windows AppLocker driver

Lazarus Group hackers broke into systems via a zero-day vulnerability in the Windows AppLocker driver and gained access at the kernel level. An enhanced version of their rootkit allowed them to disable security tools on affected systems. According to Avast research, a zero-day vulnerability in t... Read more

date29 days ago
Spyware industry develops most zero-days and governments promote it

Spyware industry develops most zero-days and governments promote it

Commercial spyware vendors appear to be the largest developers of zero-day vulnerabilities. Through these vulnerabilities, spyware such as Pegasus and Predator can be installed on devices worldwide. This was stated in a report by Google, in which the tech company is also calling for greater actions... Read more

date2 months ago
Hackers can expand Mirai botnet by at least 7,000 devices

Hackers can expand Mirai botnet by at least 7,000 devices

Hackers exploit two zero-day vulnerabilities to connect routers and surveillance cameras to a botnet. They then deploy the botnet for DDoS attacks. At least 7,000 devices are vulnerable. Researchers at Akamai tracked down the zero-day vulnerabilities and warned of the danger in a blog on Tuesda... Read more

date4 months ago
Atlassian patches highly critical zero-day in Confluence software

Atlassian patches highly critical zero-day in Confluence software

Atlassian recently released some emergency patches for a highly critical zero-day vulnerability in its Confluence DataCenter and Server software. Hackers have already exploited the vulnerability. According to Atlassian, this zero-day vulnerability is part of Confluence DataCenter and Server inst... Read more

date6 months ago
Apple fixes overheating issues for iPhone 15 and zero-day exploits

Apple fixes overheating issues for iPhone 15 and zero-day exploits

Apple recently released a number of updates to iOS 17 and iPadOS 17. Among them, the iPhone 15's overheating problem has been addressed and acute zero-day exploits have been fixed. With a recent update to iOS 17.0.3, Apple addressed the iPhone 15's well-known overheating problem. Some other bugs... Read more

date6 months ago
Chrome patch fixes yet another zero-day vulnerability

Chrome patch fixes yet another zero-day vulnerability

Google is releasing another fix for a zero-day vulnerability. The news marks the third time this year that hackers have exploited such vulnerabilities within the popular browser, raising concerns about its susceptibility to targeted attacks. Google acknowledged the existence of an exploit for CVE-2... Read more

date10 months ago
Apple patches two dangerous zero-day vulnerabilities

Apple patches two dangerous zero-day vulnerabilities

Apple recently patched two zero-day vulnerabilities in iOS, iPadOS and macOS that allow cybercriminals to hack virtually any Apple device. These are WebKit and kernel vulnerabilities discovered by third parties. The discovered zero-day vulnerabilities may already be actively exploited, Apple ind... Read more

date1 year ago
New Microsoft Office zero-day used for PowerShell commands

New Microsoft Office zero-day used for PowerShell commands

Security experts recently found a zero-day vulnerability in Microsoft Office. The vulnerability allows malicious PowerShell commands to be executed by opening a Word document. The vulnerability was named 'Follina' and registered as CVE-2022-30190. According to security experts, the vulnerabilit... Read more

date2 years ago
Chrome and Edge were both hit by a V8 confusion vulnerability

Chrome and Edge were both hit by a V8 confusion vulnerability

Due to discovering a vulnerability with an exploit in the wild, Google is encouraging users on Windows, macOS, and Linux to upgrade their Chrome builds to version 99.0.4844.84. Because of the vulnerability and its potential complications, Google is keeping quiet about specifics. "CVE-2022-1... Read more

date2 years ago