27 Jan 2021

Apple Ships Emergency Fixes for Under-Attack iOS Zero-Day

On Tuesday, Apple released two emergency patches for iOS and iPad OS platforms due to indications that the three security vulnerabilities were under attack by threat actors. The patches are currently being implemented through automatic updating mechanisms as it is critical that Apple users install the fixes. Apple did not

Read More
14 Jan 2021

Google exposes malicious exploits targeting Windows and Android users

Due to Google’s Project Zero, zero-day vulnerabilities and bugs that could infect systems with malware can be uncovered. The project has unveiled a group of vulnerabilities that could have affected a large amount of customers had they not been discovered and patched. Two malicious servers were discovered hoping to pursue

Read More
09 Sep 2020

Researchers Uncover 89 Zero-Days in CMS Platforms

Popular content management system (CMS) platforms may be vulnerable to a plethora of cyber threats, according to security researchers. Recently, a team at Comparitech investigated the recent surge in web defacement attacks, eventually leading to the discovery of 89 zero-day vulnerabilities in CMS platforms. In July 2019, there were roughly

Read More
17 Jul 2020

Zoom Addresses Vanity URL Zero-Day

Check Point security and Zoom announced on Thursday that a new zero-day has been discovered within the “Vanity URL” feature on Zoom, which allows companies to create their own meeting domain. Through exploiting this zero-day, attackers could pose as a company employee, and then use socially engineered conversation to extract

Read More
28 Apr 2020

Attackers exploit 0-day code-execution flaw in the Sophos firewall

Sophos systems have been hit by a zero-day attack that was designed to steal usernames, as well as cryptographically protected passwords, and other sensitive data. The security firm stated that it was attacked through an exploited SQL injection flaw in patched versions of the Sophos XG Firewall on Sunday. The

Read More
07 Apr 2020

This Map Shows the Global Spread of Zero-Day Hacking Techniques

Zero-day exploits are being tracked by a global map developed by FireEye, and the company released yesterday an analysis of how these critical vulnerabilities have been exploited worldwide over the past seven years. The publication includes research from Google Project Zero’s database of active zero days. FireEye exposes what countries

Read More
06 Apr 2020

Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days

Ryan Pickren, a security researcher, has been awarded $75,000 by Apple for uncovering seven zero-days in Safari, three of which Pickren used to access the camera. The discoveries were shared with Apple in December of 2019 and were subsequently patched. Using the three flaws, Pickren was able to build an

Read More
02 Apr 2020

Two Zoom Zero-Day Flaws Uncovered

Patrick Wardle, a security researcher with Jamf, has uncovered two zero-day flaws in the Zoom macOS client version. The telecom and online class platform vulnerabilities have the potential to give local attackers root privileges, which subsequently allow the attackers to access the victims’ microphone and camera. The two flaws have

Read More
27 Mar 2020

An Elite Spy Group Used 5 Zero-Days to Hack North Koreans

On Thursday, researchers at Google’s Threat Analysis Group announced that an unknown group of hackers used five zero-day vulnerabilities to hack North Koreans in 2019. Although many North Koreans have extremely limited access to the internet, the ones who do have been targeted by a sophisticated hacking spree that may

Read More
18 Mar 2020

Two Trend Micro zero-days exploited in the wild by hackers

Two zero-days have been discovered in Trend Micro antivirus products, according to the company, who issued a security alert earlier this week. After hackers were able to exploit the zero-days, Trend Micro released patches on Monday that address the two vulnerabilities as well as three similarly critical issues. However, the

Read More