Vxers are already attempting to use the proof-of-concept exploit code targeting a new Microsoft Windows Installer zero-day publicly disclosed on Sunday. Malware authors are already attempting to use the proof-of-concept exploit code targeting a new Microsoft Windows Installer zero-day publicly disclosed on Sunday. The security researcher Abdelhamid Naceri has publicly disclosed the exploit for a […]
Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation. Security researchers from Google have disclosed a zero-day vulnerability in the Windows operating system, tracked as CVE-2020-17087, that is currently under active exploitation. Ben Hawkes, team lead for Google Project Zero team, revealed on Twitter that the vulnerability […]
SandboxEscaper publicly disclosed a second Windows zero-day exploit dubbed ByeBear to bypass a recently patched elevation of privilege issue. SandboxEscaper is a well of neverending surprises, today publicly disclosed a second Windows zero-day exploit (dubbed ByeBear) to bypass a recently patched elevation of privilege issue. SandboxEscaper is well-known researchers that publicly disclosed several zero-day exploits […]
SandboxEscaper is back with a new Windows Zero-Day in Win 10 Task Scheduler The developer SandboxEscaper makes the line again, this time he publicly released the exploit code for a Windows zero-day that affect the Windows 10 Task Scheduler. Since August 2018, the expert already revealed other four Windows zero-day vulnerabilities without reporting them to […]
Security expert SandboxEscaper published a proof-of-concept (PoC) code for a new Windows zero-day, it is the fourth she released this year. The proof-of-concept (PoC) code published by SandboxEscaper overwrites ‘pci.sys’ with information about software and hardware problems, collected through the Windows Error Reporting (WER) event-based feedback infrastructure. SandboxEscaper initially announced the release of the PoC code […]
Microsoft Patch Tuesday updates for September 2018 address over 60 vulnerabilities, including the recently disclosed zero-day flaw. Microsoft Patch Tuesday updates for September 2018 address 61 vulnerabilities in Internet Explorer (IE), Edge, ChakraCore, Azure, Hyper-V, Windows components, .NET Framework, SQL Server, and Microsoft Office and Office Services. Of the 62 CVEs. 17 flaws are rated […]
Security researchers from the opatch community released a micropatch for the recently disclosed Windows zero-day vulnerability. A few days ago, the security researcher who handles the Twitter account @SandboxEscaper has disclosed the details of zero-day privilege escalation vulnerability affecting Microsoftâs Windows operating systems that could be exploited by a local attacker or malicious program to obtain system privileges […]
In March 2016 experts from FireEye spotted a malicious campaign conducted by a financially motivated threat actor that leveraged on a zero-day exploit. According to security experts at FireEye, a sophisticated criminal organization targeted more than 100 organizations in North America. Most of the victims are in the retail, hospitality and restaurant sectors. Threat actor […]