Zero-Day – Page 7 – Computer Security Articles

CVE-2017-0199 – Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API

April 14, 2017 admin CVE-2017-0199, exploit, Hacker, malware, Microsoft Office, RTF, Vulnerability, WordPad, Zero-Day

Credit to Author: Pradeep Kulkarni| Date: Fri, 14 Apr 2017 09:52:28 +0000

The newly discovered zero-day vulnerability (CVE-2017-0199) in Microsoft Office/WordPad is being actively exploited in the wild. Almost all Microsoft Office versions are affected with this bug. To fix this vulnerability, Microsoft released a security update on April 11, 2017. Vulnerable Versions According to Microsoft, the following are the affected products…

The post CVE-2017-0199 – Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.

MalwareBytes Security

What is a Zero-Day?

April 12, 2017 admin cybercrime, malware, Zero day exploit, zero hour malware, Zero-Day

Credit to Author: Scott Wilson| Date: Wed, 12 Apr 2017 15:00:03 +0000

You have probably heard the term zero-day or zero-hour malware, but what exactly does it mean?

Categories:

Tags: malware zero day zero day exploit zero hour malware

(Read more…)

The post What is a Zero-Day? appeared first on Malwarebytes Labs.

QuickHeal Security

CVE-2017-5638 – Apache Struts 2 Remote Code Execution Vulnerability

March 29, 2017 admin Apache, CVE, Hacker, hacking, malware, Vulnerability, Zero-Day

Credit to Author: Pradeep Kulkarni| Date: Tue, 14 Mar 2017 11:01:23 +0000

The well-known open source web application framework Apache Struts 2 is being actively exploited in the wild allowing hackers to launch a remote code execution attack. To address this issue, Apache has issued a security advisory and CVE-2017-5638 has been assigned to it. The zero-day bug has been rated with…

The post CVE-2017-5638 – Apache Struts 2 Remote Code Execution Vulnerability appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.

Independent Krebs

WikiLeaks Dumps Docs on CIA’s Hacking Tools

March 8, 2017 admin Bloomberg, Bugcrowd, Casey Ellis, Center for Cyber Intelligence, Central Intelligence Agency, Cisco, Craig Dods, Edward Snowden, Equation Group, Hillary Clinton, John Podesta, Juniper, Leonid Bershidsky, national security agency, NSA, Open Whisper Systems, Other, Samsung, signal, smart TVs, The New York Times, The Shadow Brokers, US CIA, vault 7, Weeping Angel, WhatsApp, WikiLeaks, Zero-Day

Credit to Author: BrianKrebs| Date: Wed, 08 Mar 2017 18:39:11 +0000

WikiLeaks on Tuesday dropped one of its most explosive word bombs ever: A secret trove of documents apparently stolen from the U.S. Central Intelligence Agency (CIA) detailing methods of hacking everything from smart phones and TVs to compromising Internet routers and computers. KrebsOnSecurity is still digesting much of this fascinating data cache, but here are some first impressions based on what I’ve seen so far.

Security Wired

Security News This Week: An IoT Teddy Bear Leaked Millions of Parent and Child Voice Recordings

March 4, 2017 admin Internet of Things, IoT, privacy, Security, Threat Level, Zero-Day

Credit to Author: Wired Staff| Date: Sat, 04 Mar 2017 12:00:36 +0000

Each weekend we round up the news stories that we didn’t break or cover in depth but that still deserve your attention. The post Security News This Week: An IoT Teddy Bear Leaked Millions of Parent and Child Voice Recordings appeared first on WIRED.