zero-day vulnerability – Page 4 – Experimental News Clipping Site

The Register: Atos denies Space Bears’ ransomware claims – with a ‘but’

Jan 4, 2025

—

by

Source URL: https://www.theregister.com/2025/01/04/atos_denies_space_bears_ransomware/ Source: The Register Title: Atos denies Space Bears’ ransomware claims – with a ‘but’ Feedly Summary: Points finger at third-party infrastructure being breached French tech giant Atos today denied that Space Bears criminals breached its systems – but noted that third-party infrastructure was compromised by the ransomware crew, and that files accessed…

Slashdot: Chinese Hacker Singlehandedly Responsible For Exploiting 81,000 Sophos Firewalls, DOJ Says

Dec 17, 2024

—

by

system automation

in Uncategorized

Source URL: https://it.slashdot.org/story/24/12/17/1745239/chinese-hacker-singlehandedly-responsible-for-exploiting-81000-sophos-firewalls-doj-says?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Chinese Hacker Singlehandedly Responsible For Exploiting 81,000 Sophos Firewalls, DOJ Says Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a significant cybersecurity incident involving a Chinese hacker and the associated compromising of firewalls that protect US critical infrastructure. The indictment highlights the escalation of cyber threats…

The Register: US names Chinese national it alleges was behind 2020 attack on Sophos firewalls

Dec 11, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/12/11/sichuan_silence_sophos_zeroday_sanctions/ Source: The Register Title: US names Chinese national it alleges was behind 2020 attack on Sophos firewalls Feedly Summary: Also sanctions his employer – an outfit called Sichuan Silence linked to Ragnarok ransomware The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the…

Krebs on Security: Patch Tuesday, December 2024 Edition

Dec 11, 2024

—

by

system automation

in Uncategorized

Source URL: https://krebsonsecurity.com/2024/12/patch-tuesday-december-2024-edition/ Source: Krebs on Security Title: Patch Tuesday, December 2024 Edition Feedly Summary: Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common……

The Register: PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files

Dec 6, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/12/06/mitel_micollab_0day/ Source: The Register Title: PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files Feedly Summary: Still unpatched 100+ days later, watchTowr says A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive…

The Register: China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer

Nov 19, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/19/china_brazenbamboo_fortinet_0day/ Source: The Register Title: China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer Feedly Summary: No word on when or if the issue will be fixed Chinese government-linked snoops are exploiting a zero-day bug in Fortinet’s Windows VPN client to steal credentials and other information, according to memory forensics outfit Volexity.… AI…

The Register: Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit

Nov 15, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/15/palo_alto_networks_firewall_zeroday/ Source: The Register Title: Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit Feedly Summary: Yank access to management interface, stat A critical zero-day vulnerability in Palo Alto Networks’ firewall management interface that can allow an unauthenticated attacker to remotely execute code is now officially under active exploitation.… AI Summary and…

Slashdot: Is AI-Driven 0-Day Detection Here?

Nov 2, 2024

—

by

system automation

in Uncategorized

Source URL: https://it.slashdot.org/story/24/11/02/2150233/is-ai-driven-0-day-detection-here?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Is AI-Driven 0-Day Detection Here? Feedly Summary: AI Summary and Description: Yes Summary: This text discusses the advancements in AI-driven vulnerability detection, particularly focusing on the implementation of LLM-powered methodologies that have proven effective in identifying critical zero-day vulnerabilities. The approach combines deep program analysis with adversarial AI agents,…

The Register: Windows Themes zero-day bug exposes users to NTLM credential theft

Oct 30, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/30/zeroday_windows_themes/ Source: The Register Title: Windows Themes zero-day bug exposes users to NTLM credential theft Feedly Summary: Plus a free micropatch until Redmond fixes the flaw There’s a Windows Themes spoofing zero-day bug on the loose that allows attackers to steal people’s NTLM credentials.… AI Summary and Description: Yes Summary: The text discusses…

Cisco Talos Blog: What I’ve learned in my first 7-ish years in cybersecurity

Oct 17, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.talosintelligence.com/threat-source-newsletter-oct-17-2024/ Source: Cisco Talos Blog Title: What I’ve learned in my first 7-ish years in cybersecurity Feedly Summary: Plus, a zero-day vulnerability in Qualcomm chips, exposed health care devices, and the latest on the Salt Typhoon threat actor. AI Summary and Description: Yes Summary: The text shares personal insights and experiences from an…

Tag: zero-day vulnerability