zeroday Archives

Ivanti VPN Zero-Day Combo Chained ‘by China’

Richi Jennings | January 12, 2024 | CVE-2023-46805, CVE-2024-21887, Ivanti, ivanti acquisition, Ivanti Zero day vulnerability, SB Blogwatch, Zero Day Attacks, zero-day, zero-day attack, Zero-Day Bug, Zero-day Exploit, zero-day exploits, zero-day flaw, zero-day flaws, zero-day threat, Zero-day threats, zeroday, zerodayvulnerabilities

Under active exploitation since last year—but still no patch available ...

Security Boulevard

The Golden Gate Bridge, under an blood-red sky

Cisco Zero-Day: As Bad as it Gets — and No Fix 4 Weeks in

Keeping us in suspense—It doesn’t get worse than this: CVE-2023-20198 is CVSS=10 ...

Security Boulevard

Card Skimmers Powered by Chip Cards, Silver Sparrow Mac Malware, Accellion Zero-Days

Tom Eston | March 1, 2021 | Accellion, Cybersecurity, Digital Privacy, Episodes, Mac, macos, Malware, Podcast, Privacy, security, skimmers, technology, Weekly Edition, zeroday

This week co-host Kevin Johnson joins Tom Eston to discuss new card skimmers found in the wild, the Accellion zero-days, and a new type of Mac malware called “Silver Sparrow”. ** Links ...

The Shared Security Show

Facebook Helped Develop a Tails Exploit

Bruce Schneier | June 12, 2020 | children, Exploits, facebook, FBI, pornography, zeroday

This is a weird story: Hernandez was able to evade capture for so long because he used Tails, a version of Linux designed for users at high risk of surveillance and which ...

Schneier on Security

Critical Windows Vulnerability Discovered by NSA

Bruce Schneier | January 15, 2020 | certificates, cryptography, encryption, Exploits, maninthemiddleattacks, Microsoft, nsa, Windows, zeroday

Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates ...

Schneier on Security

Massive iPhone Hack Targets Uyghurs

Bruce Schneier | September 3, 2019 | android, Apple, Hacking, iPhone, smartphones, Windows, zeroday

China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. This story broke in waves, the first wave being about the iPhone. Earlier this year, Google's Project Zero found ...

Schneier on Security

Prices for Zero-Day Exploits Are Rising

Bruce Schneier | January 17, 2019 | businessofsecurity, economicsofsecurity, Exploits, Vulnerabilities, zeroday

Companies are willing to pay ever-increasing amounts for good zero-day exploits against hard-to-break computers and applications: On Monday, market-leading exploit broker Zerodium said it would pay up to $2 million for zero-click ...

Schneier on Security

zeroday

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On