11.8 C
Sunday, September 24, 2017
Home Tags Zero-day

Tag: zero-day

Exploit acquisition vendor Zerodium said Wednesday it will pay up to $1M for an unknown Tor Browser zero day.
Microsoft fixes 25 critical vulnerabilities including one zero day under attack and one tied to the high-profile BlueBorne attack vector.
The Vice President of the Apache Struts PMC says the attackers likely used an unknown Struts zero day or an earlier announced vulnerability.
We've got Safe Mode and that's safe enough, vendor tells ~400m users The Zero Day Initiative (ZDI) has gone public with a Foxit PDF Reader vulnerability without a fix, because the vendor resisted patching.…
Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks.

The flaw will be disclosed and demonstrated during DEF CON.
To date, nobody has been able to find any significant code sharing between ExPetr/Petya and older malware.

Given our love for unsolved mysteries, we jumped right on it. Wersquo;d like to think of this ongoing research as an opportunity for an open invitation to the larger security community to help nail down (or disprove) the link between BlackEnergy and ExPetr/Petya.
The ShadowBrokers announced details on how to subscribe to its Monthly Dump Service, which is available for 100 Zcash.
NEWS ANALYSIS: New vulnerability allows malware to subvert the operations of Microsoft’s security software on most current systems.
Microsoft patched three zero day vulnerabilities actively under attack today as part of its May Patch Tuesday release.
Microsoft released an emergency update for a zero-day vulnerability disclosed by Google in the Microsoft Malware Protection Engine bundled with most versions of Windows.