Zerodium Offers to Buy Zero-Day Exploits at Higher Prices Than Ever

Well, there’s some good news for hackers and vulnerability hunters, though terrible news for tech manufacturers! Exploit vendor Zerodium is now willing to offer significantly higher payouts for full, working zero-day exploits that allow stealing of data from WhatsApp, iMessage Read More …

Tildeb: Analyzing the 18-year-old Implant from the Shadow Brokers’ Leak

On April 14, 2017, The Shadow Brokers (TSB) leaked a bevy of hacking tools named “Lost in Translation.” This leak is notorious for having multiple zero-day remote code execution (RCE) vulnerabilities targeting critical protocols such as Server Message Block (SMB) and Remote Read More …

For the fourth month in a row, Microsoft patches Windows zero-day used in the wild

Today, Microsoft released its monthly security patches –known as the Patch Tuesday updates. This month the Redmond-based company fixed 38 vulnerabilities across a large set of products. For the fourth month in a row, Microsoft patched a Windows OS zero-day Read More …

New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

Cybersecurity researchers have discovered a new zero-day vulnerability in Adobe Flash Player that hackers are actively exploiting in the wild as part of a targeted campaign appears to be attacking a Russian state health care institution. The vulnerability, tracked as CVE-2018-15982, Read More …

UK’s NCSC Explains How They Handle Discovered Vulnerabilities

When the United Kingdom’s National Cyber Security Center (NCSC) performs operational tasks, they may find vulnerabilities in software, hardware, websites, or critical infrastructure. When they find these vulnerabilities, they go through a review process called the “Equities Process” that determines Read More …

Almost 50 Percent of 2018 Vulnerabilities Can Be Exploited Remotely

Approximately half of all vulnerabilities disclosed during 2018 come with a remote attack vector while only 13% of them require local access according to Risk Based Security’s 2018 Q3 Vulnerability Quick View Report. As reported by Risk Based Security, 16,172 vulnerabilities Read More …