Researcher releases PoC for Windows VCF file RCE vulnerability
A vulnerability that exists in the way Windows processes VCard files (.vcf) can be exploited by remote attackers to achieve execute arbitrary code on vulnerable systems, …
0-day
Zerodium offers $2 million for remote iOS jailbreak, $1 million for WhatsApp RCE
Zero-day exploit broker Zerodium has raised again the payouts it offers for most desktops/servers and mobile exploits. A “zero click” iOS remote jailbreak is now …
December 2018 Patch Tuesday: Microsoft patches Windows zero-day exploited in the wild
It’s Patch Tuesday again and, as per usual, both Microsoft and Adobe have pushed out patches for widely-used software packages. The Microsoft patches Microsoft’s …
Adobe patches newly exploited Flash zero-day
Adobe has released an out-of-band security update for Flash Player that fixes two vulnerabilities, one of which is a zero-day (CVE-2018-15982) that has been spotted being …
Major flaws uncovered in leading IoT protocols
Trend Micro warned organizations to revisit their operational technology (OT) security after finding major design flaws and vulnerable implementations related to two popular …
Are we chasing the wrong zero days?
Zero days became part of mainstream security after the world found out that Stuxnet malware was used to inflict physical damage on an Iranian nuclear facility. After the …
November 2018 Patch Tuesday: Microsoft fixes 63 flaws, one actively exploited zero-day
As part of the November 2018 Patch Tuesday, Microsoft has released 62 security patches and several advisories. There are 12 critical vulnerabilities among those patched this …
VirtualBox Guest-to-Host escape 0day and exploit released online
Independent vulnerability researcher Sergey Zelenyuk has made public a zero-day vulnerability he discovered in VirtualBox, the popular open source virtualization software …
Endpoint security solutions challenged by zero-day and fileless attacks
There is an endpoint protection gap against modern threats, the result of a recent survey by the Ponemon Institute and Barkly have shown. The organizations polled 660 IT and …
October 2018 Patch Tuesday: Microsoft fixes 49 flaws, one APT-wielded zero-day
With the October 2018 Patch Tuesday release Microsoft has fixed 49 vulnerabilities, 12 of which are rated “critical.” Previously known flaws and an actively …
