Over 700 Zero-Day Vulnerabilities Identified in Q3 2023: Mitigation Methods on WAAP
The term "zero-day" indicates no time between developers discovering a vulnerability and attackers exploiting it.
According to the Indusface zero-day vulnerability report, over 700 0-day vulnerabilities were identified in Q3, 2023.
This blog outlines the risks...
.webp?w=324&resize=324,235&ssl=1 "13,800+ Internet-Exposed Check Point Gateways Vulnerable To 0-Day Attacks: Poc Released")
13,800+ Internet-Exposed Check Point Gateways Vulnerable To 0-Day Attacks: Poc Released
A critical zero-day vulnerability, CVE-2024-24919, has been discovered in Check Point Security Gateways, enabling the IPSec VPN or Mobile Access blades.
This vulnerability is actively exploited in the wild, posing a significant threat to...
ArcaneDoor Hackers Who Exploited Cisco Firewall Zero-Days Linked To China
Hackers target Cisco Firewalls due to their widespread use and the potential to exploit vulnerabilities to gain unauthorized access, steal data, and launch cyber attacks.
Cisco Talos recently reported on a global campaign dubbed...
CrushFTP Zero-Day Could Allow Attackers To Gain Complete Server Access
CrushFTP disclosed a zero-day vulnerability (CVE-2024-4040) affecting versions below 10.7.1 and 11.1.0. The vulnerability allows remote attackers with low privileges to bypass the VFS sandbox and read arbitrary files on the underlying filesystem.
It could...
$30 Million Bounty Rewards For Android, iOS, & Chrome Zero-day
This year, Crowdfense is expanding its scope to encompass additional major research fields like Enterprise Software, WiFi/Baseband, and Messengers and is proposing a larger 30 million USD acquisition program.
Crowdfense is the world's premier research...
Lazarus Hackers Exploited Windows kernel 0-day In The Wild
The Lazarus threat group has been exploiting a Microsoft vulnerability associated with Windows Kernel Privilege Escalation to establish a kernel-level read/write primitive.
This vulnerability was previously unknown which exists in the appid.sys AppLocker driver.
This...
Hackers launched 250,000+ Attacks to Exploit Ivanti VPN 0-Day
Ivanti Connect Secure vulnerabilities were disclosed in January 2024 as a potential gateway for threat actors to penetrate corporate networks.
The two vulnerabilities, CVE-2023-46805 and CVE-2024-21887 were associated with authentication bypass and arbitrary command...
Google Chrome Zero-day Exploited in the Wild: Patch Now!
Google has released urgent upgrades to fix the Chrome zero-day high-severity vulnerability that has been widely exploited, which could lead to software crashes or arbitrary code execution.
To address the actively exploited zero-day vulnerability, the...
-1.webp?w=324&resize=324,235&ssl=1 "Apple Urgently Patches Zero-day Flaw Exploited in the Wild")
Apple Urgently Patches Zero-day Flaw Exploited in the Wild
Apple has released an emergency security update for patching two actively exploited zero-day vulnerabilities on iOS. The vulnerabilities were discovered earlier this month and are tracked as CVE-2023-42916, and CVE-2023-42917 affected many Apple products.
The...
.webp?w=324&resize=324,235&ssl=1 "Hackers Exploiting Zimbra 0-day to Attack Government Organizations")
Hackers Exploiting Zimbra 0-day to Attack Government Organizations
Zimbra Collaboration is an open-source solution software suite with an email server and web client for collaboration.
Over 5,000 companies and public sector users, along with hundreds of millions of end-users in more than 140...
Recent Posts
CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in...
CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware.
The cybersecurity...