Lazarus And The FudModule Rootkit: Beyond BYOVD With An Admin-To-Kernel Zero-Day

Lazarus Hackers Exploited Windows kernel 0-day In The Wild

The Lazarus threat group has been exploiting a Microsoft Windows kernel privilege escalation vulnerability to establish a kernel-level read/write primitive. This previously unknown vulnerability exists in the appid.sys AppLocker driver. This...

Hackers launched 250,000+ Attacks to Exploit Ivanti VPN 0-Day

Ivanti Connect Secure vulnerabilities were disclosed in January 2024 as a potential gateway for threat actors to penetrate corporate networks. The two vulnerabilities, CVE-2023-46805 and CVE-2024-21887, were associated with authentication bypass and arbitrary command...

Google Chrome Zero-day Exploited in the Wild: Patch Now!

Google has released urgent updates to fix a high-severity Chrome zero-day vulnerability that has been widely exploited and could lead to software crashes or arbitrary code execution. To address the actively exploited zero-day vulnerability, the...

Apple Urgently Patches Zero-day Flaw Exploited in the Wild

Apple has released an emergency security update to patch two actively exploited zero-day vulnerabilities on iOS. The vulnerabilities were discovered earlier this month, are tracked as CVE-2023-42916 and CVE-2023-42917, and affected many Apple products. The...

Hackers Exploiting Zimbra 0-day to Attack Government Organizations

Zimbra Collaboration is an open-source software suite with an email server and web client for collaboration. Over 5,000 companies and public sector users, along with hundreds of millions of end-users in more than 140...

MOVEit Hackers Turn to SysAid Servers Zero-Day Vulnerability

As previously reported, SysAid disclosed a zero-day issue affecting on-premises SysAid servers. The issue was found to be a path traversal vulnerability and was assigned CVE-2023-47426. Additionally, SysAid stated that there were reports of Lace...

SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT

SideCopy, the Pakistan-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities and deliver multiple RATs (Remote Access Trojans) such as AllaKore RAT, Ares RAT, and DRat. The threat actor has...

Exploit Released for Cisco IOS XE Zero-day Vulnerability

A critical Cisco vulnerability was reported last week and has been actively exploited by threat actors in the wild. The vulnerability was assigned CVE-2023-20198 and was given a severity rating of...

Over 700 Zero-Day Vulnerabilities Identified in Q3 2023: Mitigation Methods on WAAP

The term "zero-day" indicates no time between developers discovering a vulnerability and attackers exploiting it. According to the Indusface zero-day vulnerability report, over 700 0-day vulnerabilities were identified in Q3 2023. This blog outlines the risks...

Hackers Exploit Roundcube Zero-day to Attack Government Email Servers

Hackers usually opt for zero-day vulnerabilities because they are not publicly known, making them more difficult for defenders to patch or protect against. This gives hackers an advantage by exploiting a flaw before it's discovered...
