Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

New iOS Trojan “GoldPickaxe” Steals Facial Recognition Data

By Deeba Ahmed This is the first instance of an iOS trojan that has been found stealing facial data from victims. This is a post from HackRead.com Read the original post: New iOS Trojan “GoldPickaxe” Steals Facial Recognition Data

HackRead
Open in Source
#web#ios#android#apple#git#intel#asus#auth#zero_day
How ransomware changed in 2023

In 2023, the CL0P ransomware gang broke the scalability barrier and shook the security world with a series of short, automated campaigns.

Update now! Microsoft fixes two zero-days on February Patch Tuesday

Microsoft has issued patches for 73 security vulnerabilities in its February 2024 Patch Tuesday.

Zero-Day in QNAP QTS Affects NAS Devices Globally

By Deeba Ahmed QNAP has released fixes for the zero-day vulnerability, so it's important to install them immediately. This is a post from HackRead.com Read the original post: Zero-Day in QNAP QTS Affects NAS Devices Globally

DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability

A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders. Trend Micro, which began tracking the campaign in late December 2023, said it entails the exploitation of CVE-2024-21412, a security bypass vulnerability related to Internet

Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days

Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and rated Moderate in severity. This is in addition to 24 flaws that have been fixed

Fat Patch Tuesday, February 2024 Edition

Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks.

First Microsoft Patch Tuesday zero-day of 2024 disclosed as part of group of 75 vulnerabilities

Although considered of moderate risk, one of the vulnerabilities is being actively exploited in the wild — CVE-2024-21351, a security feature bypass vulnerability in Windows SmartScreen.

Ivanti VPN Flaws Exploited by DSLog Backdoor and Crypto Miners

By Deeba Ahmed Ivanti has released patches for vulnerabilities found in its enterprise VPN appliances, including two flagged as exploited zero-days… This is a post from HackRead.com Read the original post: Ivanti VPN Flaws Exploited by DSLog Backdoor and Crypto Miners

U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders

The U.S. Department of State has announced monetary rewards of up to $10 million for information about individuals holding key positions within the Hive ransomware operation. It is also giving away an additional $5 million for specifics that could lead to the arrest and/or conviction of any person "conspiring to participate in or attempting to participate in Hive ransomware activity."