Collaborate Disseminate
A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability.
Sandb… Continue reading Hacker Discloses New Windows Zero-Day Exploit On Twitter
Security experts discovered a zero-day vulnerability affecting Microsoft Windows that is used by hackers to launch targeted attacks. It is being tracked in the CVE-2018-8453 advisory which describes it as a weakness in a Win32 Driver file. Microsoft ha… Continue reading CVE-2018-8453: Microsoft Windows Zero-Day Vulnerability Used in Attacks Worldwide
Microsoft has just released its latest monthly Patch Tuesday updates for October 2018, fixing a total of 49 security vulnerabilities in its products.
This month’s security updates address security vulnerabilities in Microsoft Windows, Edge Browser, In… Continue reading Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities
CVE-2018-8373 is a severe remote code execution vulnerability which was fixed in August 2018 Patch Tuesday. The vulnerability was located in Internet Explorer and the way it manages objects in memory. At the time the advisory was published, there were…. Continue reading Recently Patched CVE-2018-8373 Used in Active Exploits
A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-da… Continue reading Researcher Discloses New Zero-Day Affecting All Versions of Windows
Following last year’s disclosure of the BlueBorne vulnerability security experts note that about 2 billion Bluetooth devices are still affected by it. BlueBorne is a collection of bugs that allow the hackers to intrude into them. Many of these de… Continue reading 2 Billion Bluetooth Devices Still Affected by the Blueborne Vulnerability
Users of the Mega.nz file hosting and sharing service were targeted through a supply chain attack in which hackers replaced the company’s official Chrome extension with a malicious version. The attack happened Sept. 4 at 14:30 UTC (10:30 a.m. ES… Continue reading Hackers Replace MEGA Chrome Extension with Trojanized Version
A previously unknown vulnerability that allows attackers to obtain SYSTEM privileges on Windows computers has been publicly disclosed. Someone with the username SandboxEscaper posted a link to a proof-of-concept exploit on Twitter and then deleted the… Continue reading Someone Dropped a Windows Zero-Day Exploit on GitHub
A new zero-day vulnerability was recently made public following a Tweet from @SandboxEscaper, who claimed to be frustrated with Microsoft and, apparently, their bug submission process. The tweet included a link to the proof-of-concept for the alleged z… Continue reading Windows Zero-Day Vulnerability Comes With PoC on GitHub
Computer hackers have devised a new way to infect target hosts by using malicious Windows 10 shortcuts. This strategy is being used at large by numerous hacker groups and individual hackers as it is relatively easy to implement. The malicious…Read mo… Continue reading Malicious Windows 10 Shortcuts Allow Code Execution