Zero-day vulnerabilities – WindowsTechs.com

How ToddyCat tried to hide behind AV software

Posted on April 7, 2025 by Andrey Gunkin

While analyzing a malicious DLL library used in attacks by APT group ToddyCat, Kaspersky expert discovered the CVE 2024-11859 vulnerability in a component of ESET’s EPP solution. Continue reading How ToddyCat tried to hide behind AV software→

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

Posted on March 25, 2025 by Igor Kuznetsov, Boris Larin

Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome. Continue reading Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain→

Exploits and vulnerabilities in Q3 2024

Posted on December 6, 2024 by Alexander Kolesnikov

The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q3 2024, such as regreSSHion Continue reading Exploits and vulnerabilities in Q3 2024→

APT trends report Q3 2024

Posted on November 28, 2024 by GReAT

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns. Continue reading APT trends report Q3 2024→

Сrimeware and financial cyberthreats in 2025

Posted on November 14, 2024 by GReAT

Kaspersky’s GReAT looks back on the 2024 predictions about financial and crimeware threats, and explores potential cybercrime trends for 2025. Continue reading Сrimeware and financial cyberthreats in 2025→

The Crypto Game of Lazarus APT: Investors vs. Zero-days

Posted on October 23, 2024 by Boris Larin, Vasily Berdnikov

Kaspersky GReAT experts break down the new campaign of Lazarus APT which uses social engineering and exploits a zero-day vulnerability in Google Chrome for financial gain. Continue reading The Crypto Game of Lazarus APT: Investors vs. Zero-days→

Exploits and vulnerabilities in Q2 2024

Posted on August 21, 2024 by Vitaly Morgunov, Alexander Kolesnikov

The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q2 2024. Continue reading Exploits and vulnerabilities in Q2 2024→

QakBot attacks with Windows zero-day (CVE-2024-30051)

Posted on May 14, 2024 by Boris Larin, Mert Degirmenci

In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft’s patch Tuesday. We have seen it exploited by QuakBot and other malware. Continue reading QakBot attacks with Windows zero-day (CVE-2024-30051)→

New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches

Posted on January 12, 2024 by Cedric Pernet

Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan and Germany. Continue reading New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches→

Operation Triangulation: The last (hardware) mystery

Posted on December 27, 2023 by Boris Larin

Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs. Continue reading Operation Triangulation: The last (hardware) mystery→