Zero Day – WindowsTechs.com

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Posted on November 18, 2024 by Bruce Schneier

Zero-day vulnerabilities are more commonly used, according to the Five Eyes:

Key Findings

In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets. In 2023, the majority of the most frequently exploited vulnerabilities were initially exploited as a zero-day, which is an increase from 2022, when less than half of the top exploited vulnerabilities were exploited as a zero-day.

Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability. The utility of these vulnerabilities declines over time as more systems are patched or replaced. Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities…

Continue reading Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days→

AIs Discovering Vulnerabilities

Posted on November 5, 2024 by Bruce Schneier

I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better.

Here’s some anecdotal data from this summer:

Since July 2024, ZeroPath is taking a novel approach combining deep program analysis with adversarial AI agents for validation. Our methodology has uncovered numerous critical vulnerabilities in production systems, including several that traditional Static Application Security Testing (SAST) tools were ill-equipped to find. This post provides a technical deep-dive into our research methodology and a living summary of the bugs found in popular open-source tools…

Continue reading AIs Discovering Vulnerabilities→

Zero-Day Breach at Rackspace Sparks Vendor Blame Game

Posted on October 2, 2024 by Ryan Naraine

A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day.
The post Zero-Day Breach at Rackspace Sparks Vendor Blame Game appeared first on SecurityWeek.
Continue reading Zero-Day Breach at Rackspace Sparks Vendor Blame Game→

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day

Posted on September 16, 2024 by Ionut Arghire

Microsoft warns that a recently patched Windows vulnerability was exploited in the wild as a zero-day prior to July 2024.
The post Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
Continue reading Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day→

New Chrome Zero-Day

Posted on September 10, 2024 by Bruce Schneier

According to Microsoft researchers, North Korean hackers have been using a Chrome zero-day exploit to steal cryptocurrency.
Continue reading New Chrome Zero-Day→

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs

Posted on August 29, 2024 by Fiona Jackson

There are approximately 163 devices worldwide that are still exposed to attack via the CVE-2024-39717 vulnerability. Continue reading Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs→

Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs

Posted on August 28, 2024 by Ryan Naraine

Amidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers.
The post Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs appeared first on SecurityWeek.
Continue reading Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs→

WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies

Posted on August 28, 2024 by Eduard Kovacs

A WPS Office zero-day vulnerability tracked as CVE⁠-⁠2024⁠-⁠7262 was exploited by South Korean hacker group APT-C-60.
The post WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies appeared first on SecurityWeek.
Continue reading WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies→

Google Warns of Exploited Chrome Vulnerability

Posted on August 27, 2024 by Ionut Arghire

Google flags another high-severity vulnerability patched with the latest Chrome 128 release as exploited in the wild.
The post Google Warns of Exploited Chrome Vulnerability appeared first on SecurityWeek.
Continue reading Google Warns of Exploited Chrome Vulnerability→

Google Patches Sixth Exploited Chrome Zero-Day of 2024

Posted on August 22, 2024 by Ionut Arghire

Chrome 128 was released in the stable channel with patches for 38 vulnerabilities, including a V8 JavaScript engine flaw exploited in the wild.
The post Google Patches Sixth Exploited Chrome Zero-Day of 2024 appeared first on SecurityWeek.
Continue reading Google Patches Sixth Exploited Chrome Zero-Day of 2024→