While these deadlines to remediate identified vulnerabilities and patch zero-days are a mandate for federal agencies based on Binding Operational Directive (BOD) 22-01, a review of these recent …
Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
The developers behind the GoAnywhere managed file transfer (MFT) software have released a patch for a critical zero-day vulnerability. The flaw was identified recently and warnings of active …
Continue Reading about Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
Apple Fixes Actively Exploited iOS and iPadOS Zero-Day Vulnerability
Apple released new updates earlier this week that patch zero-day vulnerabilities in iOS and iPadOS devices. The flaws fixed in the latest updates have reportedly been exploited in the wild by threat …
Continue Reading about Apple Fixes Actively Exploited iOS and iPadOS Zero-Day Vulnerability
Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet
Microsoft has fast-tracked two patches for vulnerabilities impacting Microsoft Exchange Servers. The vulnerabilities have been reported as zero-days. While Microsoft works on developing a patch, …
Continue Reading about Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet
Apple Quietly Releases Another Patch for Zero-Day RCE Bug
Apple has released more updates to patch a remote-code execution flaw that is being actively exploited. The vulnerability was patched earlier this month in newer devices. However, the Wednesday …
Continue Reading about Apple Quietly Releases Another Patch for Zero-Day RCE Bug
Google Reports Record Year for Zero Days in 2021
Google reported that 2021 was a record year for zero-day exploits, the highest number since Google began tracking them. However, the company states that this could be a result of improved detection …
Continue Reading about Google Reports Record Year for Zero Days in 2021
Google Chrome Bug Actively Exploited as Zero-Day
Google has released an emergency patch for a security flaw found in the open-source V8 JavaScript engine that is being actively exploited in the wild. The vulnerability applies to Google's Stable …
Continue Reading about Google Chrome Bug Actively Exploited as Zero-Day
Take Your QNAP NAS Offline! DeadBolt Ransomware Locks Devices via Alleged Zero-Day Flaw
A new ransomware strain is allegedly targeting the QNAP customer base, effectively locking users out of the Network Attached Storage (NAS) devices and prohibiting them from accessing stored data. The …
FatPipe VPN Zero-Day Exploited by APT for 6 Months
The FBI released an alert stating that the advanced persistent threat groups (APTs) have been exploiting a zero-day flaw in FatPipe's virtual private network as a way to breach companies and gain …
Continue Reading about FatPipe VPN Zero-Day Exploited by APT for 6 Months
Apache HTTP Server Project patches exploited zero-day vulnerability
Apache HTTP Server Project developers are urging users to immediately implement a patch that resolves a zero-day vulnerability. According to a security advisory that was published yesterday, the bug …
Continue Reading about Apache HTTP Server Project patches exploited zero-day vulnerability