The Director of the Tor Project Roger Dingledine has accused the FBI of commissioning to the Carnegie Mellon boffins a study on methods to de-anonymize Tor users. The experts at the Tor Project have collected more information about the attack launched last year by Carnegie Mellon researchers on the popular anonymizing system. The Director of the […]
Rumors on the Internet says that the hackers who breached vBulletin forum website exploited a zero-day flaw, the company issued emergency security patches. On Sunday, the vBulletin official website has been hacked, according to DataBreaches.net, vBulletin, Foxit Software forums have been hacked by Coldzer0 that has stolen hundreds of thousands of usersâ records. The hacker published screenshots […]
A team of hackers has received a million-dollar payout for disclosing a iOS zero-day vulnerability that could allow an attacker to remotely hack any Phone. Bad news for the Apple users, a team of hackers have received a million-dollar payout for disclosing an iOS zero-day vulnerability that could allow an attacker to remotely hack any Phone […]
How much cost a zero-day for an industrial control system? Where is to possible to buy them and who are the main buyers of these commodities? We have discussed several times about the importance of zero-day in cyber attacks against computer systems, the exploitation of previously unknown vulnerabilities is a prerogative of well-funded hacking groups such as state-sponsored crews. […]
The Pawn Storm APT group set up rogue VPN and SFTP servers to target Dutch Safety Board employees involved in the MH17 crash investigation. July 17, 2014, Flight MH17, traveling from Amsterdam to Kuala Lumpur, was shot down by a missile in mysterious circumstances. Flight MH17 was flying over a conflict zone in eastern Ukraine […]
Despite both Microsoft and Adobe releasing patches on Tuesday (10/13/2015), a critical Flash zero-day flaw remains unpatched in Adobeâs latest update. Despite both Microsoft and Adobe releasing critical patches on Tuesday (10/13/2015), a critical zero-day vulnerability remains unpatched in Adobeâs latest update. As per Adobe APSA15-05, this vulnerability (CVE-2015-7645) remains unpatched is actively being exploited in-the-wild. Adobe plans […]
Researchers at Trend Micro discovered a new Adobe Flash Zero-Day used in Pawn Storm Campaign Targeting Foreign Affairs Ministries across the world. Once again Flash in the headlines, beware next emergency Flash Player update is critical for everybody as explained by the experts at Trend Micro. The researchers at the security firm explained that the update […]
The NSA SHARKSEER Program is a project that aims to detect and mitigate web-based malware Zero-Day and Advanced Persistent Threats using COTS technology. Every day, thousands of cyber attack rely on exploitation of zero-day exploits, even more sophisticated ATP groups trigger unknown vulnerabilities to compromise systems across the world. Intelligence agencies and research groups are investing […]
The vulnerability allows a local unprivileged user of a Windows guest to gain Local and/or Domain Administrator access when VeeamVixProxy is active, the de-facto default in VMWare and Hyper-V environments. Pasquale `sid` Fiorillo, Francesco `ascii` Ongaro from ISGroup, an Italian Security firm, and Antonio `s4tan` Parata from ush team, have just released a critical security […]
Apple recently released its first update to the new iOS 9, but experts noticed that it doesn’t fix the lock screen bypass vulnerability. Apple has already released its first update for the release iOS, the version iOS 9.0.1 was issued last week to fix a number of bugs. Last week Jose Rodriguez reported the lock screen bypass vulnerability affecting […]