Zero-Day Vulnerability Tag

Google's Cloud Platform was found to have a vulnerability that could allow attackers to plant applications in a victim's account, potentially compromising it permanently and without detection.   The flaw, known as GhostToken, was discovered by Israeli security firm Astrix, which alerted Google to the zero-day vulnerability in July 2022. An attacker who successfully compromised a victim's account could read their Gmail, access their files and photos,...

Read More

After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The emergence of the new variant was reported by a system administrator on an online forum, where another participant stated that files larger than 128MB...

Read More

The Apache Log4j vulnerability has made global headlines since it was discovered in early December. The flaw has impacted vast numbers of organizations around the world as security teams have scrambled to mitigate the associated risks. Here is a timeline of the key events surrounding the Log4j vulnerability as they have unfolded.   Thursday, December 9: Apache Log4j zero-day exploit discovered Apache released details on a critical vulnerability...

Read More

Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today.   With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are actively exploiting in the wild...

Read More