Why “Just Patch It!” Isn’t as Easy as You Think
2017-05-15
At the Zero Day Initiative (ZDI), we see patches in a way few do. We get the initial report from a researcher, we verify the issue internally, we notify theRead More →
An NSA-derived ransomware worm is shutting down computers worldwide
2017-05-13
Wcry uses weapons-grade exploit published by the NSA-leaking Shadow Brokers. A highly virulent new strain of self-replicating ransomware shut down computers all over the world, in part by appropriating aRead More →
Vanilla Forums has a plain-flavoured zero-day
2017-05-12
PHPMailer bug leads to remote code execution via HTTP. Updated The popular Vanilla Forums software needs patching against a remote code execution zero-day first reported to the developers in DecemberRead More →
OnePlus OTAs: Analysis & Exploitation
2017-05-12
In this blog post we present new trivial vulnerabilities found on OnePlus One/X/2/3/3T OxygenOS & HydrogenOS. They affect the latest versions (4.1.3/3.0) and below. The vulnerabilities allow for a Man-in-the-MiddleRead More →
Exploiting the Linux kernel via packet sockets
2017-05-12
Lately I’ve been spending some time fuzzing network-related Linux kernel interfaces with syzkaller. Besides the recently discovered vulnerability in DCCP sockets, I also found another one, this time in packetRead More →
Sednit adds two zero-day exploits using ‘Trump’s attack on Syria’ as a decoy
2017-05-11
The Sednit group, also known as APT28, Fancy Bear and Sofacy, is a group of attackers operating since at least 2004 and whose main objective is to steal confidential informationRead More →
SESSION HIJACKING, COOKIE-STEALING WORDPRESS MALWARE SPOTTED
2017-05-11
Researchers have identified a strain of cookie stealing malware injected into a legitimate JavaScript file, that masquerades as a WordPress core domain. Cesar Anjos, a security analyst at Sucuri, aRead More →
iCloud Keychain vulnerability allowed hackers to Steal sensitive data
2017-05-10
Apple has recently fixed an iCloud Keychain vulnerability that could have been exploited by hackers to steal sensitive data from iCloud users. The flaw allowed hackers to run man-in-the-middle (MitM)Read More →
RSAUtil Ransomware (.helppme@india.com) Installed Via Hacked Remote Desktop Services
2017-05-10
Today we are going to take a quick look at a new ransomware called RSAUtil that was discovered by Emsisoft malware researcher xXToffeeXx. RSAUtil is distributed by the developer hacking into remote desktop servicesRead More →
Cisco patches switch hijacking hole – the one exploited by the CIA
2017-05-10
Telnet security flaw fix finally lands – or just use SSH, yeah? Cisco has patched a critical security flaw in its switches that can be potentially exploited by miscreants toRead More →
