zeroday
Ivanti VPN Zero-Day Combo Chained ‘by China’
Richi Jennings | | CVE-2023-46805, CVE-2024-21887, Ivanti, ivanti acquisition, Ivanti Zero day vulnerability, SB Blogwatch, Zero Day Attacks, zero-day, zero-day attack, Zero-Day Bug, Zero-day Exploit, zero-day exploits, zero-day flaw, zero-day flaws, zero-day threat, Zero-day threats, zeroday, zerodayvulnerabilities
Under active exploitation since last year—but still no patch available ...
Security Boulevard
Cisco Zero-Day: As Bad as it Gets — and No Fix 4 Weeks in
Richi Jennings | | 0-day, 0-day exploits, 0-day vulnerability, 0day, cisco, Cisco IOS XE, CVE-2023-20198, SB Blogwatch, Zero Day Attacks, zero-day, Zero-Day Bug, Zero-day Exploit, zero-day exploits, zero-day flaw, zero-day flaws, zero-day threat, zero-day vulnerabilities, Zero-day Vulnerability, zero-days, zeroday, zerodayvulnerabilities
Keeping us in suspense—It doesn’t get worse than this: CVE-2023-20198 is CVSS=10 ...
Security Boulevard
Card Skimmers Powered by Chip Cards, Silver Sparrow Mac Malware, Accellion Zero-Days
Tom Eston | | Accellion, Cybersecurity, Digital Privacy, Episodes, Mac, macos, Malware, Podcast, Privacy, security, skimmers, technology, Weekly Edition, zeroday
This week co-host Kevin Johnson joins Tom Eston to discuss new card skimmers found in the wild, the Accellion zero-days, and a new type of Mac malware called “Silver Sparrow”. ** Links ...
Facebook Helped Develop a Tails Exploit
This is a weird story: Hernandez was able to evade capture for so long because he used Tails, a version of Linux designed for users at high risk of surveillance and which ...
Critical Windows Vulnerability Discovered by NSA
Bruce Schneier | | certificates, cryptography, encryption, Exploits, maninthemiddleattacks, Microsoft, nsa, Windows, zeroday
Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates ...
Massive iPhone Hack Targets Uyghurs
China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. This story broke in waves, the first wave being about the iPhone. Earlier this year, Google's Project Zero found ...
Prices for Zero-Day Exploits Are Rising
Companies are willing to pay ever-increasing amounts for good zero-day exploits against hard-to-break computers and applications: On Monday, market-leading exploit broker Zerodium said it would pay up to $2 million for zero-click ...