0-day Archives - Help Net Security

0-day

Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers

September 1, 2020

A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are trying to actively exploit. …

Exploits for vBulletin zero-day released, attacks are ongoing

August 11, 2020

The fix for CVE-2019-16759, a remote code execution vulnerability in vBulletin that was patched in September 2019, is incomplete, security researcher Amir Etemadieh has …

Researchers flag two zero-days in Windows Print Spooler

August 7, 2020

In May 2020, Microsoft patched CVE-2020-1048, a privilege escalation vulnerability in the Windows Print Spooler service discovered by Peleg Hadar and Tomer Bar from SafeBreach …

Zoom zero-day flaw allows code execution on victim’s Windows machine

July 9, 2020

A zero-day vulnerability in Zoom for Windows may be exploited by an attacker to execute arbitrary code on a victim’s computer. The attack doesn’t trigger a …

Attackers exploiting a zero-day in Sophos firewalls, have yours been hit?

April 27, 2020

Sophos has released an emergency hotfix for an actively exploited zero-day SQL injection vulnerability in its XG Firewalls, and has rolled it out to all units with the …

Two critical Firefox vulnerabilities exploited by attackers, patch now!

April 6, 2020

Mozilla has released critical security updates for Firefox and Firefox ESR on Friday, patching two vulnerabilities that are being actively exploited by attackers.

Micropatches block exploitation of Windows zero-days under attack

March 27, 2020

While we wait for Microsoft to provide fixes for the two new Windows RCE zero-days that are being exploited in “limited targeted Windows 7 based attacks,” ACROS …

Government-backed cyber attackers increasingly targeting journalists

March 27, 2020

Since the start of the year, journalists and news outlets have become preferred targets of government-backed cyber attackers, Google’s Threat Analysis Group (TAG) has noticed. …

Windows users under attack via two new RCE zero-days

March 23, 2020

Attackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems, Microsoft warns. The attacks …

Trend Micro fixes two actively exploited zero-days in enterprise products

March 18, 2020

Trend Micro has fixed two actively exploited zero-day vulnerabilities in its Apex One and OfficeScan XG enterprise security products, and advises customers to update to the …

Google fixes another Chrome zero-day exploited in the wild

February 26, 2020

For the third time in a year, Google has fixed a Chrome zero-day (CVE-2020-6418) that is being actively exploited by attackers in the wild. About CVE-2020-6418 No details have …

Mozilla patches actively exploited Firefox zero-day

January 9, 2020

Mozilla has patched a Firefox zero-day vulnerability (CVE-2019-17026) that is being exploited in attacks in the wild and is urging Firefox and Firefox ESR users to update …