Pierluigi Paganini
November 01, 2018
0x20k of Ghost Squad Hackers has released the full source code of the 0day exploit used to targeting Apache Hadoop and build the FICORA Botnet. In direct response to the publication of Radware’s analysis of the new discovery of the DemonBot malware strain effecting Hadoop clusters earlier the week, October 25th, 2018, 0x20k of Ghost […]
Pierluigi Paganini
October 24, 2018
The security researcher SandboxEscaper has released the proof-of-concept exploit code for a new Windows zero-day, Windows users are now exposed to attacks. The security researcher using the Twitter handle @SandboxEscaper is back and has released the proof-of-concept exploit code for a new Windows zero-day vulnerability. At the end of August, the same researcher disclosed the details of zero-day privilege escalation vulnerability […]
Pierluigi Paganini
October 10, 2018
A Windows zero-day flaw addressed by Microsoft with its latest Patch Tuesday updates is exploited by an APT group in attacks aimed at entities in the Middle East. The Windows zero-day vulnerability tracked as CVE-2018-8453 is a privilege escalation flaw that was exploited by an APT group in attacks against entities in the Middle East. The flaw, tracked as […]
Pierluigi Paganini
September 21, 2018
A security researcher from Trend Micro Security Research team disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows. The researcher Lucas Leong of the Trend Micro Security Research team publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows. The flaw is an out-of-bounds (OOB) write in the JET Database Engine […]
Pierluigi Paganini
September 11, 2018
Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. NoScript is a popular Firefox extension that protects users against malicious scripts, it only allows […]
Pierluigi Paganini
September 01, 2018
Security researchers from the opatch community released a micropatch for the recently disclosed Windows zero-day vulnerability. A few days ago, the security researcher who handles the Twitter account @SandboxEscaper has disclosed the details of zero-day privilege escalation vulnerability affecting Microsoft’s Windows operating systems that could be exploited by a local attacker or malicious program to obtain system privileges […]
Pierluigi Paganini
August 28, 2018
A security researcher has publicly disclosed the details of zero-day privilege escalation vulnerability affecting all Microsoft’s Windows operating systems A security researcher who handles the Twitter account @SandboxEscaper has disclosed the details of zero-day privilege escalation vulnerability affecting Microsoft’s Windows operating systems that could be exploited by a local attacker or malicious program to obtain system privileges on […]
Pierluigi Paganini
July 03, 2018
Microsoft published technical details of 2 zero-days that have been recently discovered after someone uploaded a weaponized PDF file to VirusTotal. Security researchers from Microsoft have published technical details of two zero-day vulnerabilities that have been recently discovered after someone uploaded a weaponized PDF file to VirusTotal. The two issues were addressed by Microsoft with […]
Pierluigi Paganini
June 07, 2018
Adobe has recently fixed several vulnerabilities, including the CVE-2018-5002 Flash Zero-Day exploited in targeted attacks in the Middle East Adobe has released security updates for Flash Player that address four vulnerabilities, including a critical issue (CVE-2018-5002) that has been exploited in targeted attacks mainly aimed at entities in the Middle East. The CVE-2018-5002 vulnerability, reported by researchers at […]
Pierluigi Paganini
June 03, 2018
Cyber criminals recently added the code for the CVE-2018-8174 Internet Explorer zero-day vulnerability to the infamous RIG exploit kit. Crooks recently added the code for an Internet Explorer zero-day vulnerability to the infamous RIG exploit kit. The Internet Explorer zero-day vulnerability, tracked as CVE-2018-8174, was first discovered a few weeks ago, it affects VBScript implemented in Internet Explorer and Microsoft […]
