October 29, 2024 at 01:37PM QNAP addressed a critical zero-day vulnerability (CVE-2024-50388) in HBS 3 Hybrid Backup Sync, exploited at Pwn2Own Ireland 2024. The patch is available in version 25.1.1.673 and later. This follows a history of security challenges for QNAP devices, often targeted by ransomware gangs due to sensitive file storage. ### Meeting Takeaways: … Read more
October 24, 2024 at 04:46AM On day 2 of Pwn2Own Ireland 2024, over $350,000 was awarded, including $50,000 for an exploit targeting the Samsung Galaxy S24. **Meeting Takeaways:** 1. **Financial Overview**: A total of over $350,000 was awarded on Day 2 of Pwn2Own Ireland 2024. 2. **Significant Exploit**: An exploit targeting the Samsung Galaxy S24 … Read more
August 27, 2024 at 02:27AM Google has disclosed an actively exploited security flaw in its Chrome browser, tracked as CVE-2024-7965, related to an inappropriate implementation bug in the V8 JavaScript and WebAssembly engine. The security researcher TheDog discovered the flaw and was awarded an $11,000 bug bounty. Users are advised to upgrade to Chrome version … Read more
March 27, 2024 at 10:54AM Google released a Chrome browser security update addressing seven vulnerabilities, with four reported by external researchers. The most severe is a use-after-free bug in ANGLE, resulting in a $10,000 bug bounty. Three other high-severity issues were noted, including two zero-day vulnerabilities exploited at the Pwn2Own Vancouver 2024 hacking contest. The … Read more