Exploits and vulnerabilities in Q1 2024
The report provides vulnerability and exploit statistics, key trends, and analysis of interesting vulnerabilities discovered in Q1 2024. Continue reading Exploits and vulnerabilities in Q1 2024
Category Archives: Vulnerabilities and exploits
A patched Windows attack surface is still exploitable
In this report, we highlight the key points about a class of recently-patched elevation-of-privilege vulnerabilities affecting Microsoft Windows, and then focus on how to check if any of them have been exploited or if there have been any attempts to exploit them. Continue reading A patched Windows attack surface is still exploitable
Top 10 web application vulnerabilities in 2021–2023
Our Security assessment team set up rankings that reflected our take on the most widespread and critical web application vulnerabilities as viewed through a prism of eight years’ experience. Continue reading Top 10 web application vulnerabilities in 2021–2023
An educational robot security research
Security research into an AI robot for kids revealed several vulnerabilities enabling a cybercriminal to take over device control and to video-chat with the kid. Continue reading An educational robot security research
Operation Triangulation: The last (hardware) mystery
Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs. Continue reading Operation Triangulation: The last (hardware) mystery
Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376)
This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376)
Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)
This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)
Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)
This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)
Windows CLFS and five exploits used by ransomware operators
We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at the CLFS driver and its vulnerabilities. Continue reading Windows CLFS and five exploits used by ransomware operators
Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)
This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)