Microsoft’s March dump of patches fixes two actively exploited zero-day vulnerabilities, including a critical severity issue the Outlook email client that Russian threat actors are using to target European companies. The other zero day vulnerability is a moderately-severe security feature bypass vulnerability in the Windows SmartScreen, a cloud-based anti-phishing and anti-malware software. Read More
Posts Tagged ‘zero day’
15
Mar
2023
A zero-day vulnerability in FortiOS SSL-VPN that Fortinet addressed last month was exploited by unknown actors in attacks targeting the government and other large organizations. “The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or government-related targets,” Fortinet researchers said in a post-mortem analysis published this week. […]
The flaws, tracked as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, have been chained and exploited against Android phones, but they impact custom Samsung components. The security holes have been described as an arbitrary file read/write issue via a custom clipboard content provider, a kernel information leak, and a use-after-free in the display processing unit driver. Read More
WEDNESDAY, APRIL 24, 2024
WHITE PAPERS
Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...
ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...
Latest Comments