Nokoyawa ransomware attacks with Windows zero-day

In February 2023, we found a zero-day exploit, supporting different versions and builds of Windows, including Windows 11. This particular zero-day was used by a sophisticated cybercrime group that carries out ransomware attacks.

X-Force Prevents Zero Day from Going Anywhere

This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The X-Force Vulnerability and Exploit Database shows that the number of zero days being released each year is on the rise, but X-Force has observed that only a few of these zero days are rapidly adopted by cyber criminals each year. While […]

The post X-Force Prevents Zero Day from Going Anywhere appeared first on Security Intelligence.

Zero-Day Exploits: The Anatomy of Unexpected Attacks

Zero-day attacks are on the rise. Not only was 2021 a record-breaking year for the total number of zero-day attacks, but it also accounted for 40% of the zero-day breaches over the last decade. In part, this race to zero is tied to the sheer number of web, mobile and cloud-based applications being developed and […]

The post Zero-Day Exploits: The Anatomy of Unexpected Attacks appeared first on Security Intelligence.

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and CVE-2022-41082. The cybersecurity community dubbed the pair of vulnerabilities ProxyNotShell.

Kaspersky Security Bulletin 2022. Statistics

Key statistics for 2022: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.

IT threat evolution in Q3 2022. Non-mobile statistics

PC malware statistics for Q3 2022 include data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

Advanced threat predictions for 2023

We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023.

Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)

We investigated CVE-2022-41352 and were able to confirm that unknown APT groups have actively been exploiting this vulnerability in the wild, one of which is systematically infecting servers in Central Asia.

IT threat evolution in Q2 2022. Non-mobile statistics

Our non-mobile malware statistics for Q2 2022 include data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.