Archive for the ‘Zero-Day Vulnerability’ Category

Firefox 67.0.4 Released — Mozilla Patches Second 0-Day Flaw This Week

June 21st, 2019
Okay, folks, it's time to update your Firefox web browser once again—yes, for the second time this week. After patching a critical actively-exploited vulnerability in Firefox 67.0.3 earlier this week, Mozilla is now warning millions of its users about a second zero-day vulnerability that attackers have been found exploiting in the wild. The newly patched issue (CVE-2019-11708) is a "sandbox

Posted in browser sandbox, browser security, Cyber Attack, Firefox, firefox exploit, Firefox zero day, malware, remote code execution, sandbox bypass, tor browser, Zero-Day Vulnerability | Comments (0)

Tor Browser 8.5.2 Released — Update to Fix Critical Firefox Vulnerability

June 20th, 2019
Important Update (21 June 2019) ➤ The Tor Project on Friday released second update (Tor Browser 8.5.3) for its privacy web-browser that patches the another Firefox zero-day vulnerability patched this week. Following the latest critical update for Firefox, the Tor Project today released an updated version of its anonymity and privacy browser to patch the same Firefox vulnerability in its bundle

Posted in Cyber Attack, Firefox, Firefox vulnerability, hacking news, tor browser, zero-day attack, Zero-Day Vulnerability | Comments (0)

New Critical Oracle WebLogic Flaw Under Active Attack — Patch Now

June 19th, 2019
Oracle has released an out-of-band emergency software update to patch a newly discovered critical vulnerability in the WebLogic Server. According to Oracle, the vulnerability—which can be identified as CVE-2019-2729 and has a CVSS score of 9.8 out of 10—is already being exploited in the wild by an unnamed group of attackers. Oracle WebLogic is a Java-based multi-tier enterprise application

Posted in cyber security, Deserialization Vulnerability, hacking news, Oracle WebLogic Server, remote code execution, Vulnerability, Zero-Day Vulnerability | Comments (0)

Update: Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours

May 23rd, 2019
Less than 24 hours after publicly disclosing an unpatched zero-day vulnerability in Windows 10, the anonymous hacker going by online alias "SandboxEscaper" has now dropped new exploits for two more unpatched Microsoft zero-day vulnerabilities. The two new zero-day vulnerabilities affect Microsoft's Windows Error Reporting service and Internet Explorer 11. Just yesterday, while releasing a

Posted in cyber security, hacking news, Internet Explorer, microsoft, sandbox bypass, windows security, windows Vulnerability, Windows zero-day vulnerability, Zero-Day Vulnerability | Comments (0)

PoC Exploit For Unpatched Windows 10 Zero-Day Flaw Published Online

May 22nd, 2019
An anonymous hacker with an online alias "SandboxEscaper" today released proof-of-concept (PoC) exploit code for a new zero-day vulnerability affecting Windows 10 operating system—that's his/her 5th publicly disclosed Windows zero-day exploit [1, 2, 3] in less than a year. Published on GitHub, the new Windows 10 zero-day vulnerability is a privilege escalation issue that could allow a local

Posted in hacking news, Microsoft Windows 10, operating system, privilege escalation, sandbox bypass, Vulnerability, windows security, Zero-Day Vulnerability | Comments (0)

‘Highly Critical’ Unpatched Zero-Day Flaw Discovered In Oracle WebLogic

April 25th, 2019
A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild. Oracle WebLogic is a scalable, Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products and services

Posted in cyber security, oracle, Oracle WebLogic Server, remote code execution, Vulnerability, Zero-Day Vulnerability | Comments (0)

Unpatched Zero-Days in Microsoft Edge and IE Browsers Disclosed Publicly

March 30th, 2019
Exclusive — A security researcher today publicly disclosed details and proof-of-concept exploits for two 'unpatched' zero-day vulnerabilities in Microsoft's web browsers after the company allegedly failed to respond to his responsible private disclosure. Both unpatched vulnerabilities—one of which affects the latest version of Microsoft Internet Explorer and another affects the latest Edge

Posted in hacking news, Internet Explorer, microsoft, Microsoft Edge browser, Microsoft Internet Explorer, Same Origin Policy Bypass, Vulnerability, Zero-Day Vulnerability | Comments (0)

Unpatched vCard Flaw Could Let Attackers Hack Your Windows PCs

January 15th, 2019
A zero-day vulnerability has been discovered and reported in the Microsoft's Windows operating system that, under a certain scenario, could allow a remote attacker to execute arbitrary code on Windows machine. Discovered by security researcher John Page (@hyp3rlinx), the vulnerability was reported to the Microsoft security team through Trend Micro's Zero Day Initiative (ZDI) Program over 6

Posted in cyber security, hacking news, vCard exploit, Vulnerability, windows hacking, windows security, windows Vulnerability, Zero-Day Vulnerability | Comments (0)

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

November 14th, 2018
It's Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft products. This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49 important and one moderate and one low in severity. <!-- adsense --> Two of the vulnerabilities

Posted in hacking news, microsoft, Microsoft Patch Tuesday, Microsoft update, Security patch Update, Vulnerability, Windows 10, Zero-Day Vulnerability | Comments (0)

Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online

November 8th, 2018
An independent exploit developer and vulnerability researcher has publicly disclosed a zero-day vulnerability in VirtualBox—a popular open source virtualization software developed by Oracle—that could allow a malicious program to escape virtual machine (guest OS) and execute code on the operating system of the host machine. The vulnerability occurs due to memory corruption issues and affects

Posted in hacking news, hypervisors, virtual machine, virtualbox, Virtualization software, Vulnerability, zero-day exploit, Zero-Day Vulnerability | Comments (0)