Hackers Using MSHTML 0-Days Exploit To Deploy Cobalt Strike Beacon On Windows

Hackers Using MSHTML 0-Days Exploit To Deploy Cobalt Strike Beacon On Windows

Microsoft announced a targeted phishing campaign that they have detected recently, and this campaign is exploiting MSHTML 0-Days exploit to deploy Cobalt Strike Beacon on Windows. But, right now at this moment, they have already...
U.S. Company Sold Zero-Click Hacking Tool to UAE Company For Spy & Collect Foreign Intelligence

U.S. Company Sold Zero-Click Hacking Tool to UAE Company For Spy & Collect Foreign...

Recently, the US Department of Justice has seized three former employees of the US National Security Agency (NSA) who have worked as contracted hackers for a data security company in the UAE. However, the authorities...
Google Successfully Patched 10th Chrome Zero-day Vulnerability in This Year

Google Successfully Patched 10th Chrome Zero-day Vulnerability in This Year

Recently, on Monday, Google has published fixes for 11 different bugs in Chrome, which also include two zero-days that are currently being exploited in the wild.  Google Chrome is a browser that generally connects a...
New 0-day Backdoor Allow Hackers to Gain Remote Root Shell Access on Teradek IP Video Devices

New 0-day Backdoor Allow Hackers to Gain Remote Root Shell Access on Teradek IP...

A new report has been published recently which claims that a 0-day backdoor giving remote root shell access on Teradek IP video devices.  The Teradek IP video devices are live streaming devices, that generally encode...
Zero-Day Bugs Must be Reported to Government Within 2 Days of Discovery – New Chinese IT Law

Zero-Day Bugs Must be Reported to Government Within 2 Days of Discovery – New...

A new rule has been passed by the Chinese government, that claims that every cybersecurity experts have to report any kind of Zero-Day vulnerability they found in software within 2 days to the government. However,...
Windows Print Spooler

Windows Print Spooler RCE Zero-day (CVE-2021-34527) Let Hackers Take Over The Entire System Remotely

Microsoft has released an emergency update for remote code execution vulnerability in Windows Print Spooler. The flaw allows a remote authenticated attacker to attacker execute arbitrary code with SYSTEM privileges. By gaining access to the...
Chrome zero-day

Chrome zero-day – Update Now to Protect from Wildly Exploited Vulnerability

Kaspersky technologies noticed a wave of ‘highly targeted attacks’ against multiple companies during April 2021. As a result of the analysis, all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day...
Adobe zero-day Vulnerability

Adobe Zero-day Vulnerability Reader for Windows has been Exploited in the Wild

Adobe has notified its customers of a critical zero-day vulnerability actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software. According to Adobe, the zero-day vulnerability, tracked as CVE-2021-28550, “has been...
HPE Patched Critical zero-day in server Management Software

HPE Patched Critical zero-day in server Management Software

HPE (Hewlett Packard Enterprise) has recently published a critical zero-day bug in one of the latest versions of its exclusive HPE Systems Insight Manager (SIM) software for Windows and Linux. However, all the security...
Billions of Users Affected with Google Chrome Zero-Day That Allow Attackers To Fully Bypass CSP Rules

Billions of Users Affected with Google Chrome Zero-Day That Allow Attackers To Fully Bypass...

Recently, the security expert at PerimeterX, Gal Weizman has detected a Zero-day flaw in Google Chrome Browser that lets the attackers entirely bypass CSP rules, and this vulnerability was assigned as CVE-2020-6519. Weizman said that...