Zero-Day Coverage Update – Week of July 23, 2018

Credit to Author: Elisa Lippincott (Global Threat Communications)| Date: Fri, 27 Jul 2018 12:00:54 +0000

We’re at the end of July and the Zero Day Initiative (ZDI) has published 873 advisories so far. That’s 273 advisories this month alone – and that’s just the tip of the iceberg! Earlier this week, ZDI announced the Targeted Incentive Program, which brings over $1,500,000 USD in special bounty awards for specific targets. With…

The post Zero-Day Coverage Update – Week of July 23, 2018 appeared first on .

Read more

Zero-Day Coverage Update – Week of July 2, 2018

Credit to Author: Elisa Lippincott (Global Threat Communications)| Date: Fri, 06 Jul 2018 13:51:43 +0000

The General Data Protection Regulation (GDPR) has been up and running for a couple of months now and your organization is compliant. It’s time to take a little break – well, not so fast! Late last week, the State of California passed a new data privacy law called the California Consumer Privacy Act of 2018….

The post Zero-Day Coverage Update – Week of July 2, 2018 appeared first on .

Read more

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 25, 2018

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 29 Jun 2018 14:18:45 +0000

I have never reverse engineered anything, but I did dismantle a Betamax VCR and put it back together without an instruction manual. My little brother liked to use the tape slot as a garage for his Hot Wheels® toy cars. We were usually able to take out the cars without any issues, but one day,…

The post TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 25, 2018 appeared first on .

Read more

CVE-2018-5002 – Adobe Flash Player Stack Buffer Overflow Vulnerability Alert!

Credit to Author: Sameer Patil| Date: Fri, 08 Jun 2018 09:59:53 +0000

The recent zero-day vulnerability CVE-2018-5002 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-19 on June 7, 2018 to address this issue. According to Adobe, the in-wild exploit is being used in limited, targeted attacks and it…

Read more

CVE-2018-4990 – Adobe Reader Double Free (Zero Day) vulnerability alert!

Credit to Author: Prashant Kadam| Date: Wed, 16 May 2018 13:10:48 +0000

The recent zero-day vulnerability CVE-2018-4990 in Adobe Reader enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-09 on May 14, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users. Vulnerable versions…

Read more

Adobe Reader zero-day discovered alongside Windows vulnerability

Credit to Author: Jérôme Segura| Date: Tue, 15 May 2018 18:44:14 +0000

A new Adobe Reader zero-day exploit has been discovered, including a full sandbox escape.

Categories:

Tags:

(Read more…)

The post Adobe Reader zero-day discovered alongside Windows vulnerability appeared first on Malwarebytes Labs.

Read more

Internet Explorer zero-day: browser is once again under attack

Credit to Author: Jérôme Segura| Date: Thu, 10 May 2018 19:58:00 +0000

Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years.

Categories:

Tags:

(Read more…)

The post Internet Explorer zero-day: browser is once again under attack appeared first on Malwarebytes Labs.

Read more

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 30, 2018

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 04 May 2018 12:00:08 +0000

When I was little, I discovered the joy of jumping on the bed. While it was fun to jump on the bed, I wanted to make it more challenging so I started to imitate the ski jumpers I had seen during the 1976 Winter Olympics and jump from my parents’ dresser to the bed. I…

The post TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 30, 2018 appeared first on .

Read more

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 23, 2018

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 27 Apr 2018 12:00:45 +0000

I was having dinner with friends recently and one of the newer members of the group asked me what I did for a living. I told him that I worked for a cybersecurity company and his reply was, “I don’t need to worry about security – I have a MacBook.” I thought that at any…

The post TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 23, 2018 appeared first on .

Read more

An analysis of an MS office document exploiting a zero-day flash player vulnerability (CVE-2018-4878)

Credit to Author: Quick Heal Security Labs| Date: Wed, 07 Feb 2018 13:59:42 +0000

Important update! Adobe Systems released a critical security update on 6.02.2017 to fix the vulnerability discussed in this post. We recommend you to apply the update immediately. Summary of the vulnerability CVE-2018-4878 is a use-after-free vulnerability present in Adobe Flash Player 28.0.0.137 and its earlier versions are being exploited in…

Read more

CVE-2018-4878 – Adobe Flash Player use after free (Zero Day) vulnerability Alert!

Credit to Author: Pradeep Kulkarni| Date: Sat, 03 Feb 2018 09:39:38 +0000

The recent zero-day vulnerability CVE-2018-4878 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSA18-01 on February 2, 2018 to address this issue. According to Adobe the in wild attack is targeted and it impacts limited windows users….

Read more