Zero-days

Threat actors are launching web shell attacks

Security experts from Microsoft have revealed threat actors are increasingly using web shell attacks in their campaigns. Microsoft’s investigation revealed actors such as ZINC, KRYPTON, and GALLIUM, exploit known vulnerabilities to implant web shells on internet-facing web servers.

Threat actors are launching web shell attacks Read More »

The top 20 vulnerabilities to patch now (that are most under attack)

Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization’s patch management efforts.

The top 20 vulnerabilities to patch now (that are most under attack) Read More »

Microsoft issues out-of-band patches (Critical IE CVE-2019-1367 exploited in wild)

Microsoft has released out-of-band patches for Internet Explorer and Microsoft Defender products. The IE zero-day bug is marked critical and is actively exploited in the wild.

Microsoft issues out-of-band patches (Critical IE CVE-2019-1367 exploited in wild) Read More »

iOS exploit chains discovered in the wild

A group of hackers have been using compromised websites to launch watering hole attacks against iPhone users who visit the websites. The attacks also use five different exploit chains and exploit 0-day vulnerabilities that don’t require any user interaction.

iOS exploit chains discovered in the wild Read More »