Ransomware crew may have exploited Windows make-me-admin bug as a zero-day

June 12, 2024 at 06:16PM Symantec’s threat hunters suspect Black Basta ransomware gang exploited a Windows privilege escalation bug, CVE-2024-26169, before Microsoft’s patch. Symantec’s analysis suggests the ransomware could have been compiled pre-patch, allowing “at least one group” to exploit the vulnerability as a zero-day. The ransomware gang, tracked as Storm-1811, used social engineering attacks … Read more

Google warns of actively exploited Pixel firmware zero-day

June 12, 2024 at 03:13PM Google has released patches for 50 security vulnerabilities affecting its Pixel devices. One flaw, CVE-2024-32896, has been targeted in zero-day attacks and is considered a high-severity issue. The company advises all supported Google devices to accept the 2024-06-05 patch update. Pixel users must go to Settings > Security & privacy … Read more

Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day

June 12, 2024 at 12:45PM Symantec reported that a ransomware group possibly exploited a patched Windows privilege escalation vulnerability before Microsoft’s fix. The flaw, tracked as CVE-2024-26169, could allow attackers to obtain System privileges. Symantec found evidence suggesting the Black Basta ransomware group exploited this vulnerability as a zero-day, hitting over 500 organizations globally. Summary … Read more

China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally

June 12, 2024 at 05:15AM China-backed threat actors accessed 20,000 Fortinet FortiGate systems globally by exploiting a critical vulnerability, with the operation impacting Western governments, international organizations, and defense companies. The attackers deployed a backdoor to maintain remote access and spread malware, highlighting the increasing trend of targeting edge devices for cyber attacks. For more … Read more

Check Point Warns of Zero-Day Attacks on its VPN Gateway Products

May 29, 2024 at 11:40AM Check Point warns of zero-day vulnerability in Network Security gateway products, exploited by threat actors. Tracked as CVE-2024-24919, it affects various products. Attackers could read certain information on Internet-connected Gateways with remote access VPN or mobile access enabled. Hotfixes are available for impacted versions. Recent attacks targeted VPN devices to … Read more

Third Chrome Zero-Day Patched by Google Within One Week

May 16, 2024 at 05:09AM Google released Chrome 125 with patches for nine vulnerabilities, including high-severity bugs CVE-2024-4947 and CVE-2024-4948. Exploitation of CVE-2024-4947 could allow remote code execution, and Google acknowledged its exploitation in the wild. Updates are advised due to recent zero-day vulnerabilities. Bug bounty details have not been disclosed. From the meeting notes, … Read more

Google fixes fifth Chrome zero-day exploited in attacks this year

May 10, 2024 at 04:09AM Google has released a security update for the Chrome browser to fix the fifth zero-day vulnerability of 2024, which is a high-severity “user after free” issue in the Visuals component. The update addresses potential data leakage, code execution, and crashes. Users are advised to confirm they have the latest version … Read more

Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms

April 24, 2024 at 02:09PM Cisco issued a warning about professional, nation state-backed hackers exploiting two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks. The campaign, known as ArcaneDoor, aims to exploit software defects in Cisco products, potentially exfiltrate data, and execute commands. Cisco recommended ensuring proper … Read more

Google fixes one more Chrome zero-day exploited at Pwn2Own

April 3, 2024 at 12:40PM Google has resolved a zero-day vulnerability in Chrome, tracked as CVE-2024-3159, stemming from an out-of-bounds read weakness in the Chrome V8 JavaScript engine. The flaw allowed remote attackers to gain unauthorized access to data or trigger a crash. Google also addressed two other Chrome zero-days and two Android zero-days, underscoring … Read more

Russian APT ‘Winter Vivern’ Targets European Government, Military

February 17, 2024 at 03:07AM Winter Vivern, a Russia-aligned threat group, exploited cross-site scripting vulnerabilities in Roundcube webmail servers across Europe, primarily targeting government, military, and national infrastructure in Georgia, Poland, and Ukraine. Using social engineering techniques and a zero-day exploit, they gained unauthorized access to mail servers, potentially for cyber-espionage serving the interests of … Read more