Crowdfense launches Vulnerability Research Hub for top security researchers
Crowdfense officially launched the Vulnerability Research Hub out of beta. After being internally developed and fine-tuned for several months, Crowdfense opened their …
0-day
September 2018 Patch Tuesday: Microsoft fixes actively exploited zero-day
Microsoft’s September 2018 Patch Tuesday has brought fixes for a little over 60 security vulnerabilities, 17 of which are critical and one is being actively exploited in …
September Patch Tuesday forecast: Evaluate third-party updates alongside Microsoft release
There’s some good and some bad news for the Patch Tuesday forecast this month. The good news is a number of vendors have just released last week, clearing the slate for what …
0patch releases micropatch for Windows Task Scheduler zero-day
Earlier this week a security researcher that goes by “SandboxEscaper” published details and a PoC exploit for a zero-day local privilege escalation vulnerability …
Windows zero-day flaw and PoC unveiled via Twitter
A Windows zero-day local privilege escalation flaw and a Proof-of-Concept exploit for it have been revealed on Monday by someone who goes by SandboxEscaper on Twitter. The …
August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days
In the August 2018 Patch Tuesday, Microsoft has plugged over 60 vulnerabilities, two of which are being actively exploited in the wild. In addition to those, the company has …
Adobe releases fix for actively exploited Flash Player zero-day
If you’re still using Flash Player, it’s time to update it again – and quickly: Adobe has just patched a critical zero day vulnerability (CVE-2018-5002) …
Microsoft, Adobe February 2018 security updates: An overview
The Microsoft February 2018 security updates are for Internet Explorer, Edge, Windows, Office, Office Services and Web Apps, Adobe Flash, and ChakraCore (the core part of the …
About the Flash zero-day currently exploited in the wild
The zero-day Flash Player vulnerability (CVE-2018-4878) that Adobe warned about on Thursday was leveraged by North Korean hackers. FireEye calls the group TEMP.Reaper and …
IoT malware targeting zero-day vulnerabilities
Once it became evident that IoT devices can be relatively easily enslaved in botnets and that even their limited power can be used for a variety of nefarious purposes, it was …
