Hot Topics

zero-day

Microsoft Secure Boot Bug

| | Microsoft, Uncategorized, Vulnerabilities, zero-day
Microsoft is currently patching a zero-day Secure-Boot bug. The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections, allowing for the execution of malicious code before your PC ...
Schneier on Security
3CX Breach Was a Double Supply Chain Compromise

3CX Breach Was a Double Supply Chain Compromise

| | 3CX, A Little Sunshine, ClearSky Security, Diamond Sleet, double supply chain breach, Elastic Security, ESET, ICONICSTEALER, Kaspersky Lab, kim zetter, Latest Warnings, macos, Mandiant, Marc-Etienne M.Leveille, Microsoft, Ne'er-Do-Well News, Peter Kalnai, supply chain, The Coming Storm, Trading Technologies, X_Trader, zero-day, ZINC
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North ...
Krebs on Security

Hacks at Pwn2Own Vancouver 2023

| | adobe, cars, Hacking, Uncategorized, Windows, zero-day
An impressive array of hacks were demonstrated at the first day of the Pwn2Own conference in Vancouver: On the first day of Pwn2Own Vancouver 2023, security researchers successfully demoed Tesla Model 3, ...
Schneier on Security
Silverfort Protection Against CVE-2023-23397 Outlook Zero Day

Silverfort Protection Against CVE-2023-23397 Outlook Zero Day

| | Blog, lateral movement, MFA, ntlm relay, outlook, vulnerability, zero-day
In the latest Patch Tuesday, Microsoft released a patch for  CVE-2023-23397 Zero Day in Outlook, that was reported to be exploited in the wild. Exploitation of this vulnerability enables an adversary to ...
Blog - Silverfort
Microsoft January Patch Tuesday 2023: 98 Security Vulnerabilities and a Zero Day

Microsoft January Patch Tuesday 2023: 98 Security Vulnerabilities and a Zero Day

| | Application Security, Microsoft security, Patch Tuesday, patching, Uncategorized, Vulnerability Management, Windows security, zero-day
On January 10th, 2023 Microsoft released their January Patch Tuesday fixes and revealed 98 vulnerability fixes, including one Zero Day vulnerability known to be exploited in the wild.  The vulnerabilities affect popular ...
Rezilion
“Reducing the attack surface: the key to secure your OT environment”

“Reducing the attack surface: the key to secure your OT environment”

| | Artificial Intelligence, Attacksurface, CERT-In, operational technology, Securitycontrols, VAPT, zero-day
Introduction Operational technology (OT) systems are essential in various sectors, including manufacturing, energy, and transportation, in the current digital era. Real-time monitoring and control of physical processes and devices are the responsibility ...
Kratikal Blogs
Seceon’s Comprehensive Cybersecurity Platform

Seceon’s Comprehensive Cybersecurity Platform

| | aiXDR, aiXDR | Use Cases where to put, Best Cyber Security Company, Cyber Security Company, cybersecurity solution, ransomware detection, Service Security Providers, Trojan horse, zero-day
Seceon’s comprehensive platform includes more than 15 tools like ai, ml, vulnerability assessment, SIEM, SOAR, UEBA, NBAD, NTA, EDR, TI, but our focus for today is an area that frequently comes up ...
Seceon
Open Systems Palo Alto Kaspersky zScaler

Palo Alto Networks Updates OS to Strengthen Cybersecurity Platforms

| | Injection Attacks, Malware, Nova, Palo Alto Networks, zero-day
Palo Alto Networks this week delivered a Nova update to the PAN-OS operating system it embeds across its cybersecurity portfolio. The update added capabilities to thwart evasive malware and zero-day injection attacks ...
Security Boulevard
vm2 sandbox bucket travel

Sandbreak vm2 Flaw is a 10 But Exposes Vulnerability of Sandboxes

| | 0-day vulnerability, application, Sandbox Escape, vm2, zero-day
As vulnerabilities go, the Sandbreak vm2 flaw is as potentially as severe as it gets, snagging a 10.0 CVSS score. The bug, CVE-2022-36067, should be immediately patched if it’s used with applications, ...
Security Boulevard
What We Know About the Zero-Day Vulnerability Affecting Zimbra Collaboration and cpio

What We Know About the Zero-Day Vulnerability Affecting Zimbra Collaboration and cpio

| | current-events, cyber threat intelligence, Remote Code Execution, Vulnerabilities, vulnerability intelligence, Vulnerability Management, zero-day
On September 10, an attack was reported in the Zimbra forums where a malicious actor was able to upload a JSP web shell into the /public directory to execute a command, generating ...
Threat Intelligence Blog | Flashpoint
Load more