Here you will find all the articles with the tag: zero-day.
A critical vulnerability in Palo Alto Networks' PAN-OS firewall software is actively exploited and used for attacks. The vulnerability was discovered as early as April 10, but tens of thousands of active firewalls were eventually found to be vulnerable. Updating to the latest version is the urgent ... Read more
8 days ago
Figures from Google show that last year there were 97 actively exploited zero-day vulnerabilities. In 2022, the number was still 62 vulnerabilities. With this, the upward trend has returned. A year ago, the figures still showed a positive trend downward. According to Google data, the year 2021 m... Read more
29 days ago
A Chinese hacker group has been exploiting a zero-day in the vCenter Server since at least late 2021. The hackers managed to deploy backdoors on ESXi hosts through the vulnerability and leak data from organisations in critical sectors. Mandiant revealed that the perpetrator behind the cyber camp... Read more
3 months ago
Google is warning Chrome users about an actively exploited zero-day vulnerability. A security update is available. The tech giant discovered the CVE-2023-6345 vulnerability itself and marks it as very important. The bug affects the so-called Skia graphics engine. The Chrome browser uses this par... Read more
5 months ago
The Chinese hackers who broke into Barracuda's Email Security Gateway (ESG) devices appeared to be primarily interested in devices belonging to politically important targets. The hackers spared no expense to maintain a presence in these devices after a patch was released. Barracuda eventually decid... Read more
8 months ago
In the latest Patch Tuesday, Microsoft addressed 87 vulnerabilities. Two vulnerabilities were exploited by hackers, and six "critical" vulnerabilities allowed hackers to run code remotely. Researchers also reported a flaw in Visual Studio Code that leaks passwords, but Microsoft did not see the nee... Read more
9 months ago
Servers containing Ivanti's Endpoint Manager Mobile (EPMM) solution and therefore two vulnerabilities are mainly in possession of Western companies and governments. Patches are available, but cybersecurity specialists fear hackers already breached most networks. The story started when Norway discov... Read more
9 months ago
The vulnerability in Ivanti software has been exploited since at least April. That is what cyber security services from Norway and the US know. CISA from the U.S. and the Norwegian National Cyber Security Centre (NCSC-NO) are jointly releasing an advisory report, looking deeper into the zero-da... Read more
9 months ago
Ivanti has released a patch for the CVE-2023-35078 vulnerability in its Endpoint Manager Mobile (EPMM) software. Labeled as highly critical, the vulnerability in Ivanti's EPMM solution, also known by its former name MobileIron Core, allows hackers to access personal information on affected devic... Read more
9 months ago
In early June, U.S. security watchdog CISA urged that a zero-day vulnerability in MOVEit be patched as soon as possible. The Progress Software product is used by numerous companies worldwide to send often sensitive files in an encrypted manner. Behind the attacks is the Russia-linked CL0P ransomwar... Read more
10 months ago
