Discloses

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Apr 20, 2024 by iHash Leave a Comment

Apr 20, 2024NewsroomVulnerability / Network Security Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as "intricate" and a combination of two bugs in versions PAN-OS 10.2, PAN-OS … [Read more...] about Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation

Jan 31, 2024 by iHash Leave a Comment

Jan 31, 2024NewsroomVulnerability / Zero Day Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-21888 (CVSS score: 8.8) - A privilege escalation vulnerability in the web component of Ivanti Connect … [Read more...] about Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation

Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug

Dec 24, 2020 by iHash Leave a Comment

Google's Project Zero team has made public details of an improperly patched zero-day security vulnerability in Windows print spooler API that could be leveraged by a bad actor to execute arbitrary code. Details of the unpatched flaw were revealed publicly after Microsoft failed to patch it within 90 days of responsible disclosure on September 24. Originally tracked as … [Read more...] about Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug

Google Discloses Windows Zero-Day Bug Exploited in the Wild

Nov 2, 2020 by iHash Leave a Comment

Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild. The elevation of privileges (EoP) vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Windows Kernel Cryptography Driver ("cng.sys") that can be exploited for a sandbox … [Read more...] about Google Discloses Windows Zero-Day Bug Exploited in the Wild

Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows

Aug 15, 2019 by iHash Leave a Comment

Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162, by correcting how the Windows operating system handles calls to Advanced Local Procedure Call (ALPC). A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft … [Read more...] about Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows

Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw

Jun 7, 2019 by iHash Leave a Comment

An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system.SandboxEscaper is known for publicly dropping zero-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has … [Read more...] about Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw

AdGuard VPN + Ad Blocker Family Security Suite for $49

Microsoft Office 2024 Home for Mac or PC: One-Time Purchase for $119

ASUS 14" Chromebook C424 (2021) Intel N4020 4GB RAM 128GB eMMC (Refurbished) for $174

Lenovo IdeaPad 5, 14" Touchscreen 2-in-1 Laptop (2024) AMD Ryzen 7, 16GB RAM 1TB SSD Windows 11 Home Cosmic Blue (Refurbished) for $649

Stacks Be Productive Plan: Lifetime Subscription for $29