Tag Archives: zero day exploit

Not Just Criminals, But Governments Were Also Using MS Word 0-Day Exploit

Recently we reported about a critical code execution vulnerability in Microsoft Word that was being exploited in the wild by cyber criminal groups to distribute malware like Dridex banking trojans and Latentbot.

Now, it turns out that the same previously undisclosed vulnerability in Word (CVE-2017-0199) was also actively being exploited by the government-sponsored hackers to spy on Russian

Beware of an Unpatched Microsoft Word 0-Day Flaw being Exploited in the Wild

It’s 2017, and opening a simple MS Word file could compromise your system.

Security researchers are warning of a new in-the-wild attack that silently installs malware on fully-patched computers by exploiting a serious — and yet unpatched — zero-day vulnerability in all current versions of Microsoft Office on fully-patched PCs.

The Microsoft Office zero-day attack, uncovered by researchers

Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits

Remember The Shadow Brokers? They are back.

A hackers group that previously claimed to have stolen a bunch of hacking tools (malware, zero-day exploits, and implants) created by the NSA and gained popularity last year for leaking a portion of those tools is back.

Today, The Shadow Brokers group released more alleged hacking tools and exploits that, the group claims, belonged to “Equation

New Apache Struts Zero-Day Vulnerability Being Exploited in the Wild

Security researchers have discovered a Zero-Day vulnerability in the popular Apache Struts web application framework, which is being actively exploited in the wild.

Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for creating elegant, modern Java web applications, which supports REST, AJAX, and JSON.

In a blog post published Monday, Cisco’s Threat intelligence

FBI Hacked, Again! Hacker Leaks Data After Agency Failed to Patch Its Site

It seems like the FBI has been hacked, once again!

A hacker, using Twitter handle CyberZeist, has claimed to have hacked the FBI’s website (fbi.gov) and leaked personal account information of several FBI agents publically.

CyberZeist had initially exposed the flaw on 22 December, giving the FBI time to patch the vulnerability in its website’s code before making the data public.

The hacker

Ex-NSA Contractor Stole 50 TB of Classified Data; Includes Top-Secret Hacking Tools

Almost two months ago, the FBI quietly arrested NSA contractor Harold Thomas Martin III for stealing an enormous number of top secret documents from the intelligence agency.

Now, according to a court document filed Thursday, the FBI seized at least 50 terabytes of data from 51-year-old Martin that he siphoned from government computers over two decades.

The stolen data that are at least 500

Zerodium Offers $1.5 Million Bounty For iOS Zero-Day Exploits

Well, there’s some good news for Hackers and Bug hunters, though a terrible news for Apple!

Exploit vendor Zerodium has tripled its bug bounty for an Apple’s iOS 10 zero-day exploit, offering a maximum payout of $US1.5 Million.

Yes, $1,500,000.00 Reward.

That’s more than seven times what Apple is offering (up to $200,000) for iOS zero-days via its private, invite-only bug bounty program.
<

Leaked NSA Hacking Tools Were 'Mistakenly' Left By An Agent On A Remote Server

If you are a hacker, you might have enjoyed the NSA’s private zero-day exploits, malware and hacking tools that were leaked last month.

But the question is: How these hacking tools ended up into the hands of hackers?

It has been found that the NSA itself was not directly hacked, but a former NSA employee carelessly left those hacking tools on a remote server three years ago after an

Cisco finds new Zero-Day Exploit linked to NSA Hackers

Network equipment vendor Cisco is finally warning its customers of another zero-day vulnerability the company discovered in the trove of NSA’s hacking exploits and implants leaked by the group calling itself “The Shadow Brokers.”

Last month, the Shadow Brokers published firewall exploits, implants, and hacking tools allegedly stolen from the NSA’s Equation Group, which was designed to target

Microsoft and Adobe Rolls Out Critical Security Updates – Patch Now!

In BriefYou should not miss this month’s Patch Updates, as it brings fixes for critical issues in Adobe Flash Player, iOS, Xcode, the Apple Watch, Windows, Internet Explorer, and the Edge browser.

Adobe has rolled out a critical update to address several issues, most of which are Remote Code Execution flaws, in its widely-used Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS.