Nao_Sec cybersecurity researchers state the “odd-looking” MS Word document was uploaded on VirusTotal from a Belarus IP address. Independent cybersecurity research group Nao_Sec has revealed startling details of a new…
Tag: 0-day
Latest Update for Google Chrome Fixes Actively Exploited 0-day Flaw
One of the two security vulnerabilities identified in the Google Chrome web browser was reportedly being actively exploited in the wild. On Thursday, Google released emergency fixes for the Chrome…
Virginia Reeling from Ransomware
Virginia Reeling from Ransomware Virginia is fighting cyber-fires on two fronts after ransomware attacks affected both its state legislature and an agency within its executive branch. In an attack that struck on…
Security company offers Log4j 'vaccine' for systems that can't be updated immediately
For those unable to patch the Apache Log4Shell vulnerability, cybersecurity firm Cybereason has released what they called a “fix” for the 0-day exploit. Cybereason urged people to patch their systems…
Hackers actively exploiting 0-day in Ubiquitous Apache Log4j tool
Apache has released Log4j version 2.15.0 to address the critical RCE vulnerability and users are urged to apply the update immediately. The Apache Foundation’s Log4j is a widely used open-source…
Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack
The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.” An excruciating, easily exploited flaw in the ubiquitous…
SMA 100 flaws in SonicWall VPN expose devices to remote takeover
If exploited, an unauthenticated, remote attacker can execute code as a “nobody user” in the device meaning attacker would get root access and gain full control of the device. SonicWall,…
FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months
The bureau’s flash alert said an APT has been exploiting the flaw to compromise FatPipe router clustering and load balancer products to breach targets’ networks. A threat actor has been…
Security company faces backlash for waiting 12 months to disclose Palo Alto 0-day
There has been considerable debate within the cybersecurity community about Randori, a security firm that waited one year before disclosing a critical buffer overflow bug it discovered in Palo Alto…