zero-day

Zero-day

Chrome Update: Exploited Zero-Day Vulnerability fixed by Google, the 8th this year

Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
RiSec.n0tst3
Connect

In response to a heap buffer overflow vulnerability, Google has released a security update for the desktop versions of Google Chrome for Windows, Linux, and Mac. The Chrome vulnerability is already being used in the wild, claims Google’s own blog. This is the eighth time this year that a Google Chrome zero-day vulnerability has been …

Chrome Update: Exploited Zero-Day Vulnerability fixed by Google, the 8th this year Read More »

google

VULN: Urgent Chrome Update Patche’s New Zero-Day Vulnerability

Just your average information security researcher from Delaware US.

Google on Friday, Sept 2nd, shipped emergency fixes to address a security vulnerability in the Chrome web browser that it said is being actively exploited in the wild. The issue, assigned the identifier CVE-2022-3075, concerns a case of insufficient data validating in Mojo, which refers to a collection of runtime libraries that provide a platform-agnostic mechanism for …

VULN: Urgent Chrome Update Patche’s New Zero-Day Vulnerability Read More »

0day

Zero-day Abused by Cybercriminals to Steal Crypto from Bitcoin ATMs

Just your average information security researcher from Delaware US.

Malicious actors have taken advantage of a zero-day flaw in General Bytes Bitcoin ATM servers to steal cryptocurrency from clients. The way it works is that once a person deposits or buys bitcoin through the ATM, the money will instead be diverted to the threat actors. The hardware and software company General Bytes produces Bitcoin ATMs that, …

Zero-day Abused by Cybercriminals to Steal Crypto from Bitcoin ATMs Read More »

google chrome

Zero-Day: Chrome browser gets 11 security fixes – update now!

Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
RiSec.n0tst3
Connect

The latest update to Google’s Chrome browser is out, bumping the four-part version number to 104.0.5112.101 (Mac and Linux), or to 104.0.5112.102 (Windows). According to Google, the new version includes 11 security fixes, one of which is annotated with the remark that “an exploit [for this vulnerability] exists in the wild”, making it a zero-day hole. The name zero-day is a reminder …

Zero-Day: Chrome browser gets 11 security fixes – update now! Read More »

Zero-day

Google Claims Half of all Zero-Day Bugs Are Due to Poor Patches

Just your average information security researcher from Delaware US.

Google Project Zero noted a total of 18 zero-day bugs this year, so far. Researchers at Google Project Zero noted that half of the zero-day bugs found in H1 2022 – that were exploited before a patch was publicly available – can be avoided if concerned software vendors made better testing of their patches. Also, …

Google Claims Half of all Zero-Day Bugs Are Due to Poor Patches Read More »

vulnerability

Unpatched Critical Atlassian Confluence Zero-Day RCE Flaw Actively Exploited

Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
RiSec.n0tst3
Connect

Atlassian warned of an actively exploited critical unpatched remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. Atlassian is warning of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versions, tracked as CVE-2022-26134, that is being actively exploited in attacks in the wild. “Atlassian has …

Unpatched Critical Atlassian Confluence Zero-Day RCE Flaw Actively Exploited Read More »

google

Google Offering $91,000 Rewards for Linux Kernel, GKE Zero-Days

Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
RiSec.n0tst3
Connect

Technology giant Google is offering bigger cash awards for hackers reporting critical security flaws affecting the Linux Kernel, GKE, Kubernetes, and kCTF. In November last year, Google tripled the bug bounty rewards for Linux kernel flaws reported through its Vulnerability Rewards Program (VRP), for payouts of up to $50,337 for zero-day issues. This week, the company announced it …

Google Offering $91,000 Rewards for Linux Kernel, GKE Zero-Days Read More »

google chrome

Google Patches Zero-Day Vulnerability attack vector Actively Exploiting Chrome

Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
RiSec.n0tst3
Connect

Google on Monday announced the release of 11 security patches for Chrome, including one for a vulnerability exploited in the wild. Tracked as CVE-2022-0609 and rated high severity, the exploited vulnerability is described as a use-after-free issue in Animation that was reported by Adam Weidemann and Clément Lecigne of Google’s Threat Analysis Group. “Google is aware of reports …

Google Patches Zero-Day Vulnerability attack vector Actively Exploiting Chrome Read More »

Zero-day

Adobe Issues an Emergency Patch to Address an Exploited Commerce Zero-Day Vulnerability

Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
RiSec.n0tst3
Connect

Yesterday, Adobe issued an emergency advisory to notify users of Adobe Commerce and Magento about a critical zero-day vulnerability that has been exploited in attacks. As per the tech giant’s threat data, the security issue is being used “in very limited attacks targeting Adobe Commerce merchants.” To address the critical security flaw affecting its products, the American …

Adobe Issues an Emergency Patch to Address an Exploited Commerce Zero-Day Vulnerability Read More »

apple

Apple Releases Updates to Patch Actively Exploited Zero-Day Flaw in iOS, iPadOS, macOS

Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
RiSec.n0tst3
Connect

Apple has released security updates for iOS, iPadOS, macOS, and Safari to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company’s third zero-day patch since the start of the year. Tracked as CVE–2022-22620, the issue concerns a use-after-free vulnerability in the WebKit component that powers the Safari web …

Apple Releases Updates to Patch Actively Exploited Zero-Day Flaw in iOS, iPadOS, macOS Read More »