Pierluigi Paganini
May 14, 2020
The popular zero-day broker Zerodium announced new limitations it the submission of certain types of iOS exploits due to surplus. The exploit broker Zerodium announced that itâs no longer accepting certain types of iOS exploits due to surplus, this implies that prices for them will drop in the near future. The company announced via Twitter that […]
Pierluigi Paganini
April 15, 2020
Hackers are selling two zero-day exploits for critical issues affecting the video conferencing software Zoom that would allow attackers to spy on communications. Hackers are offering for sale an exploit for a zero-day remote code execution vulnerability affecting the Windows client for Zoom. The zero-day exploit goes for $500,000, hackers are also offering another exploit code […]
Pierluigi Paganini
March 23, 2020
Microsoft warns of hackers actively exploiting two zero-day remote code execution vulnerabilities in Windows Adobe Type Manager Library. Microsoft warns of hackers exploiting two zero-day remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library, both issues impact all supported versions of Windows. The vulnerabilities affects the way Windows Adobe Type Manager Library […]
Pierluigi Paganini
March 06, 2020
A security researcher has disclosed details and PoC code for a zero-day vulnerability in the Zoho ManageEngine product via Twitter. A security expert has disclosed details about a zero-day vulnerability in a Zoho enterprise product via Twitter, a circumstance that could cause serious problems to customers of the company. The flaw affects Zoho ManageEngine Desktop Central […]
Pierluigi Paganini
February 25, 2020
Google has released Chrome 80 update that addresses three high-severity vulnerabilities, one of them has been exploited in the wild. Google has released Chrome 80 update (version 80.0.3987.122) that addresses three high-severity vulnerabilities, including a zero-day issue (CVE-2020-6418) that has been exploited in the wild. The CVE-2020-6418 vulnerability is a type confusion issue that affects […]
Pierluigi Paganini
January 09, 2020
Mozilla has released security updates for Firefox browser that address a zero-day flaw (CVE-2019-17026) that has been exploited in targeted attacks. Mozilla has released security updates to address a critical Firefox browser zero-day issue (CVE-2019-17026) that has been exploited in targeted attacks. The CVE-2019-17026 flaw is an âIonMonkey type confusion with StoreElementHole and FallibleStoreElement,â where IonMonkey is the […]
Pierluigi Paganini
December 11, 2019
Microsoftâs December 2019 Patch Tuesday updates fix a total of 36 flaws, including CVE-2019-1458 Windows zero-day exploited in North Korea-linked attacks Microsoftâs December 2019 Patch Tuesday updates address a total of 36 flaws, including a Windows zero-day, tracked as CVE-2019-1458 exploited in attacks linked to North Korea. The vulnerability could be exploited to execute arbitrary […]
Pierluigi Paganini
November 18, 2019
The Tianfu Cup 2019 International Cyber ââSecurity Competition is ended and white hat hackers have earned $545,000 for working zero-day exploits. During Day 1 of the Tianfu Cup 2019 contest 13 hacking attempts out of a total of 32 were successful, 13 attempts failed and in 12 cases the researchers abandoned the attempts. Now that the competition […]
Pierluigi Paganini
November 01, 2019
Google released security updates to address two high severity flaws in Chrome, one of which is actively exploited in attacks in the wild to hijack computers. Google released security updates to address two high severity vulnerabilities in the Chrome browser, one of which is a zero-day flaw actively exploited in attacks in the wild to […]
Pierluigi Paganini
October 10, 2019
The gang behind BitPaymer and ransomware attacks has been found exploiting Windows zero-day for Apple iTunes and iCloud. The cybercriminals behind BitPaymer and iEncrypt ransomware attacks have been found exploiting a Windows zero-day vulnerability for Apple iTunes and iCloud in attacks in the wild. The zero-day vulnerability resides in the Bonjour updater that comes packaged with […]
