Tag: zero-day vulnerabilities
Dazz Unveils AI-Powered Automated Remediation for Application Security Posture Management
PRESS RELEASEDazz, the leader in security remediation, today announced new capabilities in the Dazz Unified Remediation Platform, including automated code-fixes for container vulnerabilities, AI-driven...
Breaking News
FBI Director Wray Issues Dire Warning on China’s Cybersecurity Threat
FBI Director Christopher Wray this week delivered what might be the starkest warning yet on the threat that China-backed hackers pose to US national...
Microsoft Patch Tuesday Tsunami: No Zero-Days, but an Asterisk
Microsoft outdid itself with this month's Patch Tuesday releases, which contain no zero-day patches, though at least one of the patches addresses a flaw...
CISO Corner: Cyber-Pro Swindle; New Faces of Risk; Cyber Boosts Valuation
Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. Every week, we offer articles...
Russia-Sponsored Cyberattackers Infiltrate Microsoft’s Code Base
The Russian state-sponsored advanced persistent threat (APT) group known as Midnight Blizzard has nabbed Microsoft source code after accessing internal repositories and systems, as...
Volt Typhoon Hits Multiple Electric Utilities, Expands Cyber Activity
The portion of China's Volt Typhoon advanced persistent threat (APT) that focuses on infiltrating operational technology (OT) networks in critical infrastructure has already performed...
Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs
Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a...
Ivanti Zero-Day Patches Delayed as ‘KrustyLoader’ Attacks Mount
Attackers are using a pair of critical zero-day vulnerabilities in Ivanti VPNs to deploy a Rust-based set of backdoors, which in turn download a...
ICS Ransomware Danger Rages Despite Fewer Attacks
Despite takedowns of top ransomware groups, those remaining threat actors have continued to develop new tricks, while maintaining their ability to capitalize on zero-day...
Pwn2Own 2024: Tesla Hacks, Dozens of Zero-Days in Electrical Vehicles
In just two days at Pwn2Own 2024 in Tokyo, researchers have compromised a bevy of electric vehicle chargers, operating systems, Tesla components, and unearthed...
Days After Google, Apple Reveals Exploited Zero-Day in Browser Engine
Apple has patched an actively exploited zero-day bug in its WebKit browser engine for Safari.The bug, assigned as CVE-2024-23222, stems from a type confusion...
Third Ivanti Vulnerability Exploited in the Wild, CISA Reports
A critical vulnerability affecting Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2023-35082, has been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog.The vulnerability has...
Google Fixes Serious Zero-Day Vulnerabilities
Tyler Cross Published on: January 18, 2024 Google patched a serious zero-day vulnerability with the company’s web browser, Google...
Latest Intelligence
