Collaborate Disseminate
Well, there’s some good news for hackers and vulnerability hunters, though terrible news for Google, Android device manufacturers, and their billions of users worldwide.
The zero-day buying and selling industry has recently taken a shift towards Andro… Continue reading Exploit Reseller Offering Up To $2.5 Million For Android Zero-Days
Webinar examines challenges in patch management and offers solutions to streamline the process. Continue reading Streamlining Patch Management: Expert Advice
An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system.
SandboxE… Continue reading Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw
In a shocking revelation, it turns out that a hacking group believed to be sponsored by Chinese intelligence had been using some of the zero-day exploits linked to the NSA’s Equation Group almost a year before the mysterious Shadow Brokers group leaked… Continue reading Chinese Hackers Used NSA Hacking Tools Before Shadow Brokers Leaked Them
You must update your Google Chrome immediately to the latest version of the web browsing application.
Security researcher Clement Lecigne of Google’s Threat Analysis Group discovered and reported a high severity vulnerability in Chrome late last month… Continue reading New Google Chrome Zero-Day Vulnerability Found Actively Exploited in the Wild
Wi-Fi chips used in several gaming consoles, Chromebooks, streaming boxes, routers and other types of devices have several firmware vulnerabilities that could allow attackers to compromise those systems over the air with no user interaction. The vulne… Continue reading Wi-Fi Chip Firmware Flaws Enable Over-the-Air Hacking
A new unpatched vulnerability in Windows has been disclosed along with proof-of-concept exploit code. It could allow hackers to more easily install malware on computers, but it requires user interaction. The vulnerability was discovered by a security … Continue reading Windows VCF Zero-Day Exploit Allows Remote Code Execution
Well, there’s some good news for hackers and vulnerability hunters, though terrible news for tech manufacturers!
Exploit vendor Zerodium is now willing to offer significantly higher payouts for full, working zero-day exploits that allow stealing of da… Continue reading Zerodium Offers to Buy Zero-Day Exploits at Higher Prices Than Ever
A security researcher released exploit code for an unpatched bug in Windows that could allow an attacker with limited privileges to delete system files. Exploiting the bug requires winning a race condition on the machine, so a successful exploit can t… Continue reading New Windows Zero-day Bug Allows Deleting Arbitrary Files
A security researcher who uses the online handle SandboxEscaper has published proof-of-concept exploit code for an unpatched vulnerability in Windows. The flaw is located in the “MsiAdvertiseProduct” function, which, according to Microsoft… Continue reading Researcher Drops Third Windows Zero-Day Exploit in Four Months