16.5 C
Friday, August 18, 2017
Home Tags Zero-day

Tag: zero-day

Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks.

The flaw will be disclosed and demonstrated during DEF CON.
To date, nobody has been able to find any significant code sharing between ExPetr/Petya and older malware.

Given our love for unsolved mysteries, we jumped right on it. Wersquo;d like to think of this ongoing research as an opportunity for an open invitation to the larger security community to help nail down (or disprove) the link between BlackEnergy and ExPetr/Petya.
The ShadowBrokers announced details on how to subscribe to its Monthly Dump Service, which is available for 100 Zcash.
NEWS ANALYSIS: New vulnerability allows malware to subvert the operations of Microsoft’s security software on most current systems.
Microsoft patched three zero day vulnerabilities actively under attack today as part of its May Patch Tuesday release.
Microsoft released an emergency update for a zero-day vulnerability disclosed by Google in the Microsoft Malware Protection Engine bundled with most versions of Windows.
Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich found a remotely exploitable Windows vulnerability that Ormandy called he worst in recent memory.
A zero day vulnerability exists in WordPress Core that in some instances, could allow an attacker to reset a user's password and in turn, gain access to their account.
A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.
Researchers have learned that the recently patched Office zero day was used to target victims in Russia with FINSPY spyware.