Showing only posts tagged zeroday. Show all posts.

FortiGate admins report active exploitation 0-day. Vendor isn’t talking.

Source

Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid reports that attackers are using it to execute malicious code on servers used by sensitive customer organizations. Fortinet representatives didn’t respond to emailed questions and have yet to …

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

Source

Enlarge (credit: Getty Images) A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open booby-trapped JPGs and other innocuous inside file archives. The vulnerability, residing in the way WinRAR …

How an unpatched Microsoft Exchange 0-day likely caused one of the UK’s biggest hacks ever

Source

Enlarge / Building with Microsoft logo. (credit: Getty Images) It’s looking more and more likely that a critical zero-day vulnerability that went unfixed for more than a month in Microsoft Exchange was the cause of one of the UK’s biggest hacks ever—the breach of the country’s …

Critical Barracuda 0-day was used to backdoor networks for 8 months

Source

Enlarge (credit: Getty Images ) A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The vulnerability has been used to install multiple pieces of malware inside large organization networks and steal data, Barracuda said …

Hackers drain bitcoin ATMs of $1.5 million by exploiting 0-day bug

Source

Enlarge / A BATM sold by General Bytes. (credit: General Bytes) Hackers drained millions of dollars in digital coins from cryptocurrency ATMs by exploiting a zero-day vulnerability, leaving customers on the hook for losses that can’t be reversed, the kiosk manufacturer has revealed. The heist targeted ATMs sold by …