Browsing tag
Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350 (CVSS score: 9.8), the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. While the […]
According to Matt Miller, a security engineer with the Microsoft Security Response Center, many zero-day vulnerabilities are ineffective against the newest versions of Windows 10. Miller analyzed zero-day attacks from 2015 to 2019 — focusing on how exploitation attacks have become less frequent since the release of Windows 10. The report concluded that over 40% […]
Hackers exploiting the recently disclosed Oracle WebLogic Server remote code execution vulnerability to install a new variant of ransomware called “Sodinokibi.” The vulnerability allows anyone with HTTP access to the server can carry out the attack without authentication. The vulnerability affects Oracle WebLogic Server, versions 10.3.6.0, 12.1.3.0, Oracle fixed the issue on April 26, and […]
According to the latest Kaspersky Lab Report, a Windows Zero-Day vulnerability is serving as a backdoor for hackers to take control of users’ PCs. The latest exploit utilizes a use-after-free attack and has a technical name CVE-2019-0895. The exploit is found in win32k.sys and grants hackers Local Privilege meaning they’re able to access resources usually outside of users’ capabilities. How Windows Zero-Day Vulnerability Works? A normal […]
Hackers exploiting zero-day vulnerabilities in Counter-Strike 1.6 game client to infect player’s devices by using a malicious gaming server and downloads malware into their devices. The Counter-Strike game was decades old but still have a huge fan database, according to researchers, 20,000 players using official CS 1.6 clients. The official game client contains two unpatched […]
Microsoft is alread already having a lot on its plate for these past few days. And it appears October couldn’t get any worse for the company. A new zero-day vulnerability discovered by a researcher @SandboxEscaper can be exploited to delete files without any permission. As Bleeping Computer notes, the vulnerability, which affects all the Windows 10 versions, can be […]
A researcher discovered new double Zero-day exploit that affected Adobe Acrobat, Reader and older Windows 7 platforms, Windows Server 2008. This critical Zero-Day exploit discovered during the analysis conducted by Microsoft against the malicious PDF file that discovered by ESET researcher. The malicious PDF initially reported to Microsoft as a potential exploit for an unknown Windows kernel […]
If you have already uninstalled Flash Player, congratulations! But if you did not do it, here’s another good reason to abandon it. Adobe has released a security patch update for a critical vulnerability in its Flash Player zero day exploit that is actively exploited in nature by hackers as part of targeted attacks against Windows […]
The infamous hacking collective Shadow agents – the only who leaked the home windows SMB exploit in public that brought about remaining weekend’s WannaCrypt risk – are back, this time, to purpose extra damage with their zero day exploit. In normally damaged English, the Shadow brokers published a clean declaration (with full of frustration) some […]
Short Bytes: A hacker is selling a dangerous zero day vulnerability on a Russian cybercrime website. This exploit is said to be affecting more than 1.5 billion Windows users as it works on all version of Windows. The hacker wishes to sell the complete source code and demo of the exploit to any person who pays […]