zero day – Page 25 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Russian zero-day broker is willing to pay $20M for zero-day exploits for iPhones and Android devices

A Russian zero-day broker is willing to pay $20 million for zero-day exploits for iPhones and Android mobile devices. The Russian zero-day broker firm Operation Zero is increasing payouts for top-tier mobile exploits. The company is willing to pay up to $20,000,000 for zero-day exploits for iPhone and Android devices. The Russian company pointed out […]

The post Russian zero-day broker is willing to pay $20M for zero-day exploits for iPhones and Android devices appeared first on Security Affairs.

September 28, 2023

0 comment

Critical Vulnerability in libwebp Library

Both Apple and Google have recently reported critical vulnerabilities in their systems—iOS and Chrome, respectively—that are ultimately the result of the same vulnerability in the libwebp library:

On Thursday, researchers from security firm Rezillion published evidence that they said made it “highly likely” both indeed stemmed from the same bug, specifically in libwebp, the code library that apps, operating systems, and other code libraries incorporate to process WebP images.

Rather than Apple, Google, and Citizen Lab coordinating and accurately reporting the common origin of the vulnerability, they chose to use a separate CVE designation, the researchers said. The researchers concluded that “millions of different applications” would remain vulnerable until they, too, incorporated the libwebp fix. That, in turn, they said, was preventing automated systems that developers use to track known vulnerabilities in their offerings from detecting a critical vulnerability that’s under active exploitation…

September 27, 2023

0 comment

Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks

Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks.
The post Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks appeared first on SecurityWeek.

September 25, 2023

0 comment

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones.
The post Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones appeared first on SecurityWeek.

September 22, 2023

0 comment

Trend Micro Zero-day Vulnerability Let Attackers Run Arbitrary Code

If you use Trend Micro Apex One, you should know that the third-party Antivirus uninstaller feature may have a security hole. This flaw could make it possible for random code to be run. Even though the National Vulnerability Database (NVD) hasn’t…

September 21, 2023

0 comment

Trend Micro addresses actively exploited zero-day in Apex One and other security Products

Trend Micro addressed a zero-day code execution vulnerability (CVE-2023-41179) in Apex One that has been actively exploited in the wild. Trend Micro has released security updates to patch an actively exploited zero-day vulnerability, tracked as CVE-2023-41179, impacting endpoint security products, including Apex One, Apex One SaaS, and Worry-Free Business Security products. According to the security […]

The post Trend Micro addresses actively exploited zero-day in Apex One and other security Products appeared first on Security Affairs.

September 20, 2023

0 comment

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products

Trend Micro has patched CVE-2023-41179, an Apex One zero-day code execution vulnerability that has been exploited in attacks.
The post Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products appeared first on SecurityWeek.

September 19, 2023

0 comment

Mozilla Zero-Day Vulnerability Exploited in the Wild – Patch Now!

In a race against time to safeguard user security, major browser vendors, including Google and Mozilla, have scrambled to release urgent updates in response to a critical vulnerability discovered in the WebP Codec. This newly unearthed vulnerabil…

September 13, 2023

0 comment

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware.
The post After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery appeared first on SecurityWeek.

September 13, 2023

0 comment

Chrome Zero-Day Vulnerability Exploited in the Wild

Chrome’s Stable and Extended stable channels have been upgraded to 116.0.5845.187 for Mac and Linux and 116.0.5845.187/.188 for Windows as part of a security update. One “Critical” security upgrade is included in this release. In the …

September 13, 2023

0 comment

1 … 23 24 25 26 27 … 37