Desired Effect provides an ethical vulnerability exchange marketplace to help defenders get ahead of attackers.
The post Ethical Zero Day Marketplace Desired Effect Emerges From Stealth appeared first on SecurityWeek.
CISA Analyzes Malware Used in Ivanti Zero-Day Attacks
CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day.
The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek.
Russian Firm Offers $4 Million for Telegram Exploits
A Russian exploit acquisition firm says it is willing to pay up to $4 million for full-chain exploits targeting the popular messaging service Telegram. The firm, Operation Zero, is known for selling zero-day exploits exclusively to Russian government and private organizations. On March 20, the exploit broker announced on X that it was offering up […]
The post Russian Firm Offers $4 Million for Telegram Exploits appeared first on SecurityWeek.
Microsoft Warns of Six Windows Zero-Days Being Actively Exploited
Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category.
The post Microsoft Warns of Six Windows Zero-Days Being Actively Exploited appeared first on SecurityWeek.
CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug
CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution.
The post CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug appeared first on SecurityWeek.
Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits
Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days.
The post Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits appeared first on SecurityWeek.
$200,000 Awarded at Pwn2Own 2024 for Tesla Hack
Participants earned a total of $732,500 on the first day of Pwn2Own Vancouver 2024 for hacking a Tesla, operating systems, and other software.
The post $200,000 Awarded at Pwn2Own 2024 for Tesla Hack appeared first on SecurityWeek.
Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones
iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices.
The post Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones appeared first on SecurityWeek.
Stealth Techniques Used in ‘Operation Triangulation’ iOS Attack Dissected
Kaspersky analyzes the stealth techniques that were used in the ‘Operation Triangulation’ iOS zero-click attacks.
The post Stealth Techniques Used in ‘Operation Triangulation’ iOS Attack Dissected appeared first on SecurityWeek.
Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal
A Mirai botnet variant tracked as IZ1H9 has updated its arsenal with 13 exploits targeting various routers, IP cameras, and other IoT devices.
The post Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal appeared first on SecurityWeek.
