Showing only posts tagged zerodays. Show all posts.

“Highly capable” hackers root corporate networks by exploiting firewall 0-day

Source

Enlarge (credit: Getty Images ) Highly capable hackers are rooting multiple corporate networks by exploiting a maximum-severity zero-day vulnerability in a firewall product from Palo Alto Networks, researchers said Friday. The vulnerability, which has been under active exploitation for at least two weeks now, allows the hackers with no authentication …

Agencies using vulnerable Ivanti products have until Saturday to disconnect them

Source

Enlarge (credit: Getty Images) Federal civilian agencies have until midnight Saturday morning to sever all network connections to Ivanti VPN software, which is currently under mass exploitation by multiple threat groups. The US Cybersecurity and Infrastructure Security Agency mandated the move on Wednesday after disclosing three critical vulnerabilities in …

Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks

Source

Enlarge (credit: Getty Images ) Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used virtual private network appliance sold by Ivanti, researchers said Wednesday. Ivanti reported bare-bones details concerning the zero-days …

4 vulnerabilities under attack give hackers full control of Android devices

Source

Enlarge (credit: Getty Images ) Unknown hackers have been exploiting four Android vulnerabilities that allow the execution of malicious code that can take complete control of devices, Google warned on Wednesday. All four of the vulnerabilities were disclosed two weeks ago in Google’s Android Security Bulletin for May. Google …

Chrome users have faced 3 security concerns over the past 24 hours

Source

(credit: Chrome ) Users of Google’s Chrome browser have faced three security concerns over the past 24 hours in the form of a malicious extension with more than 2 million users, a just-fixed zero-day, and new information about how malware can abuse Chrome's sync feature to bypass firewalls. Let …