News


Chinese cyber attackers target zero-day vulnerabilities
B2B Cyber Security ShortNews

Newly discovered zero-day vulnerabilities are often exploited by individual APT groups. According to Mandiant, Chinese cyberattackers are targeting more and more zero-day vulnerabilities. The report documents the role of the groups and the vulnerabilities exploited. Mandiant's new Fortinet vulnerability report reveals that routers and internet-connected devices on corporate networks are inadequately protected against cyberattacks. There are simply not enough tools to protect these systems.

Chinese spies at work

Suspected Chinese spies exploited a zero-day vulnerability with a new type of malware designed specifically for network security devices. Even devices used by government and…


Microsoft patches gaps according to NSA information
Tenable news

Microsoft's Patch Tuesday release this month includes fixes for 98 CVEs, 11 of which are rated Critical and 87 are Major. In addition, Microsoft closes two zero-day vulnerabilities. A lot of the information came from the American National Security Agency (NSA). Microsoft says the following bug has already been exploited in practice as a zero-day: CVE-2023-21674 is an elevation-of-privilege vulnerability in Windows Advanced Local Procedure Call (ALPC), which simplifies interprocess communication for Windows operating system components.

Serious zero-day vulnerability

Although no details about the flaw were available at the time Microsoft published the advisory on Patch Tuesday, it seems…


Automated detection of zero-day vulnerabilities

The European IoT/OT security specialist ONEKEY enables the software-supported, automated analysis of unknown zero-day vulnerabilities in industrial products and controls for the first time. This category represents one of the greatest risks for everything that uses software: "Zero-day attacks use security gaps that may have existed undetected for a long time and were not recognized by the manufacturer of the devices and systems. Therefore there is no patch for the vulnerability and global attacks on affected devices can be devastating," says Jan Wendenburg, CEO of ONEKEY.

Flourishing trade in vulnerabilities

These vulnerabilities are even traded among hackers, a zero-day vulnerability in iOS,…


Exchange Server: New 0-day vulnerability - missing patches  
B2B Cyber Security ShortNews

GTSC security researchers have discovered two new RCE vulnerabilities in MS Exchange Server. Exploits for them are already in the wild. Microsoft was notified of the vulnerabilities and commented: “Currently Microsoft is aware of limited targeted attacks”. Around early August 2022, while conducting security monitoring and incident response services, the GTSC SOC team discovered that a critical infrastructure was under attack, specifically their Microsoft Exchange application. During the investigation, GTSC Blue Team experts determined that the attack exploited an unpublished Exchange vulnerability (a 0-day vulnerability) and therefore immediately developed a temporary containment plan. At the same time, the experts began…


Microsoft: Subzero probably developed as a state Trojan 
B2B Cyber Security ShortNews

A Viennese company is said to have used several 0-day exploits for malware. Microsoft specialists tracked and evaluated several attacks. The company DSIRF, codenamed Knotweed, claims to see "nothing abusive" about it. The Subzero exploit is said to definitely come from DSIRF and is probably a purpose-developed state Trojan. As already reported by heise.de, Microsoft is complaining about the Viennese company DSIRF, which is said to have used a specially developed state Trojan itself. Since February 2020, several targets, such as lawyers or banks, have been hacked and monitored with Subzero. This fact…
