by Surur
11 hours
Google’s Project Zero security team has discovered a Zero-day vulnerability in all versions of Firefox which is currently being exploited in the wild and which requires an urgent patch. The flaw reads: A type confusion vulne...
by Surur
1 week
Hacker SandboxEscaper has been a thorn in Microsoft’s side these last few months, repeatedly releasing privilege escalation exploits for Windows without any respect for the usual 90-day disclosure process. That has kept Micr...
by Surur
1 week
A massive new vulnerability has been found in Microsoft’s NTLM authentication protocol which could result in remote code execution on any Windows machine or authenticate to any web server that supports Windows Integrated Aut...
by Surur
2 weeks
SandboxEscaper is back with a new Privilege Escalation Exploit. On this occasion, she defeated a patch which Microsoft released in April for CVE-2019-0841, and as usual, released the exploit with proof-of-concept exploit code. Tha...
by Surur
2 weeks
Last week Microsoft released a call to action, asking IT admins to urgently patch their devices against BlueKeep, a newly discovered exploit in the RDP service in Windows 7 and earlier, which could be easily wormable by hackers. S...
3 weeks
Apple has thought of a new wireless security system, one that would disable any stolen iPhones, iPads or Macs and make shoplifting them from Apple stores a low reward activity. The patent outlines a method that would effectively b...
by Surur
3 weeks
It seems Windows Notepad’s days of innocence is over, as Threatpost reports that Google’s Project Zero has managed to corrupt the app into an entry point for full system access. Tavis Ormandy, from Google’s Project Z...
by Surur
3 weeks
We reported two days ago that security researchers have estimated that there are still a million PCs in the wild vulnerable to Bluekeep, the RDP vulnerability in Windows XP, 7 and Server 2003 and Server 2008. Now Microsoft has joi...
3 weeks
The UK’s GCHQ is working on a new proposal which lets it eavesdrop on encrypted communications, and tech companies aren’t happy. First, the GCHQ’s proposed snooping method: It would essentially force encrypted me...
by Surur
3 weeks
Earlier this month Microsoft released an emergency patch for all versions of Windows, all the way back to Windows XP, due to a zero-day vulnerability which had a very real potential to be another WannaCry. Now Errata Security repo...
by Surur
4 weeks
We reported two days ago that SandboxEscaper, who had released a number of exploits for Windows 10, was promising to release a few more, and the hacker made good on this yesterday, releasing 3 more unpatched exploits for the opera...
by Surur
4 weeks
A hacker which specializes in sandbox escapes and local privilege escalation exploits has released another zero-day exploit for all versions of Windows 10 and Windows 10 Server. The system allows a regular logged in user to elevat...