News


Threat from state actors

Trend Micro, one of the world's leading providers of cybersecurity solutions, announces the discovery of a security vulnerability in Microsoft Windows Defender. This is actively exploited by the cybercriminal group Water Hydra. Trend discovered this vulnerability on December 31, 2023 and has automatically protected customers from it since January 1, 2024. Organizations are advised to take immediate action to forestall continued exploitation of this vulnerability by cybercriminals. The vulnerability (CVE-2024-21412) is an active zero-day vulnerability that was reported to Microsoft by Trend Micro's Zero Day Initiative (ZDI). Trend Micro gives…


APT28 – Fancy Bear: Attack campaigns in 14 countries
B2B Cyber Security ShortNews

The Unit 42 team at Palo Alto Networks has released a new research report that provides new evidence and insights into ongoing activities of the Russian-backed threat actor “Fighting Ursa,” better known as “APT28” or “Fancy Bear.” Earlier this year, Ukrainian cybersecurity researchers discovered that Fighting Ursa exploited a zero-day vulnerability in Microsoft Outlook (now known as CVE-2023-23397). This vulnerability is particularly concerning because it does not require user interaction to exploit. Unit 42 researchers have observed this group using CVE-2023-23397 to attack at least 30 organizations in 14...


Hacker group exploits zero-day vulnerability
B2B Cyber Security ShortNews

Government agencies and a think tank in Europe were attacked by the APT group Winter Vivern. The attackers used cross-site scripting to exploit a zero-day vulnerability in the Roundcube webmail servers in use there, in order to then read (confidential) emails. Roundcube is an open source webmail software used by many government departments and organizations such as universities and research institutes. ESET recommends that users update to the latest available version of the software as soon as possible. ESET discovered the vulnerability on October 12, 2023 and immediately reported it to the Roundcube team, who reported the vulnerability two…


Security report Q1/23: New malware often from Russia and China 

Cyber attackers are constantly coming up with new attack methods. The security report for the first quarter of 2023 not only shows new traps, but also proves that three of the four newcomers on the top 10 malware list come from Russia and China. According to WatchGuard's Internet Security Report, attackers are now discovering new ways to trick users surfing the Internet. After web browsers have recently upgraded their protection mechanisms against pop-up abuse, cybercriminals are now focusing on the still relatively new browser notification options. Malware trends for Q1/23 How the analysis…


Chinese cyber attackers target zero-day vulnerabilities
B2B Cyber Security ShortNews

Once discovered, zero-day vulnerabilities are often exploited by individual APT groups. According to Mandiant, Chinese cyberattackers are targeting more and more zero-day vulnerabilities. The report documents the role of the groups and the vulnerabilities exploited. Mandiant's new Fortinet vulnerability report reveals that routers and internet-connected devices on corporate networks are inadequately protected against cyberattacks. There are simply not enough tools to protect these systems. Chinese spies at work: Suspected Chinese spies exploited a zero-day vulnerability with a new type of malware designed specifically for network security devices. Even devices used by government and…


Microsoft patches gaps according to NSA information
Tenable news

Microsoft's Patchday release this month includes fixes for 98 CVEs, 11 of which are rated Critical and 87 are Major. In addition, Microsoft closes two zero-day vulnerabilities. A lot of information came from the American National Security Agency (NSA). Microsoft says this bug has already been exploited in practice as a zero day: CVE-2023-21674 is an elevation-of-privilege vulnerability in Windows Advanced Local Procedure Call (ALPC), which simplifies interprocess communication for Windows operating system components. Serious zero-day vulnerability: Although no details about the flaw were available at the time Microsoft published the advisory on Patch Tuesday, it seems…


Defense against container-based zero-day attacks

A new cloud-native security solution can stop zero-day attacks and shield critical production vulnerabilities until a patch can be applied. Aqua Security introduces the eBPF Lightning Enforcer. Powered by new eBPF technology, Lightning Enforcer provides full visibility into running workloads, making it easy for security professionals to identify and stop even advanced attacks in real time. Shift Left is an important factor in preventing vulnerabilities, misconfigurations, and software supply chain threats from entering production environments. However, sometimes this security approach is not enough. This has led to a…


Trend Micro's Zero Day Initiative uncovers many vulnerabilities
Trend Micro News

Zero-day vulnerabilities are software vulnerabilities for which no patch yet exists to prevent their exploitation. According to the study, the Trend Micro Zero Day Initiative (ZDI) found 64 percent of verified security gaps in 2021 - much more than providers such as Cisco, Google or Fortinet. If the vulnerability is discovered by an attacker, this can have far-reaching consequences. The zero-day vulnerabilities "Hafnium" and "Log4Shell", which became known in 2021, were particularly drastic for many German companies. But even in the first half of 2022, there were already 18 zero-day vulnerabilities that were successfully exploited by cybercriminals - including...


Attacks on the zero-day vulnerability in Confluence
B2B Cyber Security ShortNews

After the zero-day vulnerability – now known as CVE-2022-26134 – was exposed in Atlassian's collaboration tool Confluence, attackers attempt to exploit it in a targeted manner. The attacks come mainly from Russia, USA, India, Netherlands and Germany. Confluence touts “the remote-ready workspace for your team, where knowledge and collaboration meet.” This work is currently endangered by a security vulnerability. Security analysts from Barracuda have now analyzed data from the cloud security specialist's worldwide installations and have identified an increasing number of attempted attacks via the vulnerability. These range from harmless intentions to some more complex attempts to infect systems with DDoS botnet malware and cryptominers...


Hacking competition uncovers 25 zero-day vulnerabilities 
Trend Micro News

Trend Micro's Pwn2Own brings well-known technology manufacturers together and promotes vulnerability research. The hacking competition thus increases security for around 1 billion end users. Participating as partners: Microsoft, Tesla, Zoom and VMware. There was also 1 million in prize money. Trend Micro, one of the world's leading providers of cyber security solutions, is once again positioning itself as a technology innovator with the hacking event Pwn2Own. On the occasion of the 15th anniversary of the event, 25 zero-day vulnerabilities were uncovered at software providers. These include the partners Microsoft, Tesla, Zoom and VMware. Participants were recognized for their efforts with prize money of more than...
