英文文章归档 - 第11页共17页

Feature：英文文章

@Pikachu · 16 天前

Over 700 Zero-Day Vulnerabilities Identified in Q3 2023: Mitigation Methods on WAAP

The term “zero-day” indicates no time between developers discovering a vulnerability and attackers exploiting it. According to the Indusface zero-day vulnerability report, over 700 0-day vulnerabilities were identified in Q ...

@Pikachu · 16 天前

Exploit Released for Cisco IOS XE Zero-day Vulnerability

Cisco was reported with a critical vulnerability last week, which has been actively exploited by threat actors in the wild. The vulnerability was assigned with the CVE-2023-20198 and was given a severity rating of 10.0 (Critical) ...

@Pikachu · 16 天前

SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT

SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities for delivering multiple RATs (Remote Access Trojans) like AllaKore RAT, Ares RAT, and DRat. ...

@Pikachu · 16 天前

MOVEit Hackers Turn to SysAid Servers Zero-Day Vulnerability

As previously reported, SysAid disclosed a zero-day issue affecting on-premises SysAid servers. The vulnerability was found to be a path traversal vulnerability and was given CVE-2023-47426. Additionally, SysAid stated that th ...

@Pikachu · 16 天前

Hackers Exploiting Zimbra 0-day to Attack Government Organizations

Zimbra Collaboration is an open-source solution software suite with an email server and web client for collaboration. Over 5,000 companies and public sector users, along with hundreds of millions of end-users in more than 140 ...

@Pikachu · 16 天前

Apple Urgently Patches Zero-day Flaw Exploited in the Wild

Apple has released an emergency security update for patching two actively exploited zero-day vulnerabilities on iOS. The vulnerabilities were discovered earlier this month and are tracked as CVE-2023-42916, and CVE-2023-42917 aff ...

@Pikachu · 16 天前

Google Chrome Zero-day Exploited in the Wild: Patch Now!

Google has released urgent upgrades to fix the Chrome zero-day high-severity vulnerability that has been widely exploited, which could lead to software crashes or arbitrary code execution. To address the actively exploited zer ...

@Pikachu · 16 天前

Hackers launched 250,000+ Attacks to Exploit Ivanti VPN 0-Day

Ivanti Connect Secure vulnerabilities were disclosed in January 2024 as a potential gateway for threat actors to penetrate corporate networks. The two vulnerabilities, CVE-2023-46805 and CVE-2024-21887 were associated with au ...

@Pikachu · 16 天前

Lazarus Hackers Exploited Windows kernel 0-day In The Wild

The Lazarus threat group has been exploiting a Microsoft vulnerability associated with Windows Kernel Privilege Escalation to establish a kernel-level read/write primitive. This vulnerability was previously unknown which exis ...

@Pikachu · 16 天前

$30 Million Bounty Rewards For Android, iOS, & Chrome Zero-day

This year, Crowdfense is expanding its scope to encompass additional major research fields like Enterprise Software, WiFi/Baseband, and Messengers and is proposing a larger 30 million USD acquisition program. Crowdfense is the ...

Pikachu Hacker