What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2020-10-31 19:15:53 Companies paid $4.2M bug bounties for XSS flaws in 2020 (direct link) Cross-Site Scripting (XSS) issues are the most common vulnerabilities that received the highest amount of rewards on the HackerOne vulnerability reporting platform. Cross-Site Scripting (XSS) is the most common vulnerability type and received the highest amount of rewards on the HackerOne vulnerability reporting platform. XSS vulnerabilities accounted for 18% of all flaws reported by bug […] Vulnerability
SecurityAffairs 2020-10-30 21:32:29 Google discloses unpatched Windows zero-day exploited in the wild (direct link) Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation. Security researchers from Google have disclosed a zero-day vulnerability in the Windows operating system, tracked as CVE-2020-17087, that is currently under active exploitation. Ben Hawkes, team lead for Google Project Zero team, revealed on Twitter that the vulnerability […] Vulnerability Guideline
SecurityAffairs 2020-10-30 08:25:17 Threat actors are actively exploiting Zerologon flaw, Microsoft warns (direct link) Microsoft researchers are warning that threat actors are continuing to actively exploit the ZeroLogon vulnerability in attacks in the wild. Microsoft is warning that threat actors are actively exploiting the ZeroLogon vulnerability in the Netlogon Remote Protocol. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication Mechanism used in the Windows Client […] Vulnerability Threat
SecurityAffairs 2020-10-25 14:30:34 HPE addresses critical auth bypass issue in SSMC console (direct link) HPE fixed a remote authentication bypass vulnerability in HPE StoreServ Management Console (SSMC) data center storage management solution. Hewlett Packard Enterprise (HPE) has addressed a maximum severity (rated 10/10) remote authentication bypass vulnerability, tracked as CVE-2020-7197, affecting the HPE StoreServ Management Console (SSMC) data center storage management solution. HPE SSMC is a management and reporting console for HPE Primera (data storage for […] Vulnerability
SecurityAffairs 2020-10-22 16:34:13 Cisco addresses 17 high-severity flaws in security appliances (direct link) Security Advisory Bundled Publication for October 2020 – Cisco announced the release of patches for 17 high-severity flaws in its security appliances. Cisco announced the release of security patches for 17 high-severity vulnerabilities in its security appliances as part of its Security Advisory Bundled Publication for October 2020. The vulnerability impacts Adaptive Security Appliance (ASA), […] Vulnerability
SecurityAffairs 2020-10-21 12:55:22 Chrome 86.0.4240.111 fixes actively exploited CVE-2020-15999 zero-day (direct link) Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999. The CVE-2020-15999 flaw is a memory corruption bug that resides in the FreeType font rendering library, which is included […] Vulnerability
SecurityAffairs 2020-10-21 06:42:20 Hackers are targeting CVE-2020-3118 flaw in Cisco devices (direct link) Cisco warns of attacks attempting to exploit the CVE-2020-3118 vulnerability that affects multiple carrier-grade routers running Cisco IOS XR Software. Cisco is warning of attacks targeting the CVE-2020-3118 high severity vulnerability that affects multiple carrier-grade routers running the Cisco IOS XR Software. The flaw resides in the Cisco Discovery Protocol implementation for Cisco IOS XR […] Vulnerability
SecurityAffairs 2020-10-20 14:40:53 MMO game Street Mobster leaking data of 1.9 million users due to critical vulnerability (direct link) Researchers discovered that MMO game Street Mobster is leaking data of 1.9 million users due to SQL Injection critical vulnerability. Attackers could exploit the SQL Injection flaw to compromise the game's database and steal user data. Original Post: https://cybernews.com/street-mobster-game-leaking-data-of-2-million-players The CyberNews.com Investigation team discovered a critical vulnerability in Street Mobster, a browser-based massively multiplayer online […] Vulnerability
SecurityAffairs 2020-10-17 13:30:08 UK NCSC recommends organizations to fix CVE-2020-16952 SharePoint RCE flaw asap (direct link) The U.K. National Cyber Security Centre (NCSC) issued an alert to urge organizations to patch CVE-2020-16952 RCE vulnerability in MS SharePoint Server. The U.K. National Cyber Security Centre (NCSC) issued an alert to warn of the risks of the exploitation for the CVE-2020-16952 remote code execution (RCE) vulnerability in Microsoft SharePoint Server and urges organizations to address […] Vulnerability
SecurityAffairs 2020-10-16 10:02:36 Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135 (direct link) The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. “A buffer overflow vulnerability in SonicOS allows a […] Vulnerability
SecurityAffairs 2020-10-07 06:03:27 Using a WordPress flaw to leverage Zerologon vulnerability and attack companies' Domain Controllers (direct link) Using a WordPress flaw (File-Manager plugin–CVE-2020-25213) to leverage Zerologon (CVE-2020-1472) and attack companies' Domain Controllers. Recently, a critical vulnerability called Zerologon – CVE-2020-1472 – has become a trending subject around the globe. This vulnerability would allow a malicious agent with a foothold on your internal network to essentially become Domain Admin with just one click. This scenario […] Vulnerability
SecurityAffairs 2020-10-06 07:41:30 Iran-linked APT is exploiting the Zerologon flaw in attacks (direct link) Microsoft researchers reported that Iranian cyber espionage group MuddyWater is exploiting the Zerologon vulnerability in attacks in the wild. Microsoft published a post and a series of tweets to warn of cyber attacks exploiting the Zerologon vulnerability carried out by the Iran-linked APT group known as MuddyWater, aka Mercury. The Zerologon vulnerability, tracked as CVE-2020-1472, is […] Vulnerability
SecurityAffairs 2020-09-24 14:19:02 Instagram RCE gave hackers remote access to your device (direct link) Facebook has addressed a critical vulnerability in Instagram that could lead to remote code execution and turn the smartphone into a spying device. Facebook has fixed a critical remote code execution vulnerability in Instagram that could lead to the hijack of smartphone cameras, microphones, and more. The vulnerability, tracked as CVE-2020-1895, was discovered by Check Point, […] Vulnerability Guideline
SecurityAffairs 2020-09-23 14:34:00 Samba addresses the CVE-2020-1472 Zerologon Vulnerability (direct link) Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication […] Vulnerability
SecurityAffairs 2020-09-21 06:58:29 DHS CISA orders federal agencies to fix Zerologon flaw by Monday (direct link) DHS CISA issued an emergency directive to tell government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The Department of Homeland Security’s CISA issued an emergency directive to order government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication Mechanism […] Vulnerability
SecurityAffairs 2020-09-19 18:28:57 Hijacking nearby Firefox mobile browsers via WiFi by exploiting a bug (direct link) Mozilla addressed a bug that can be exploited by attackers to hijack all the Firefox for Android browsers that share the same WiFi network. Mozilla has addressed a vulnerability that can be abused by attackers to hijack all the Firefox for Android browsers on the same WiFi network and force them to visit malicious sites, […] Vulnerability
SecurityAffairs 2020-09-15 12:19:38 UK NCSC releases the Vulnerability Disclosure Toolkit (direct link) The British National Cyber Security Centre (NCSC) released a guideline, dubbed The Vulnerability Disclosure Toolkit, for the implementation of a vulnerability disclosure process. The UK National Cyber Security Centre (NCSC) has released a guideline, dubbed The Vulnerability Disclosure Toolkit, on how to implement a vulnerability disclosure process. The guidelines highlight the importance for any organization […] Vulnerability
SecurityAffairs 2020-09-12 14:18:15 INVDoS, a severe DoS issue in Bitcoin core remained undisclosed for two years (direct link) The INVDoS (Bitcoin Inventory Out-of-Memory Denial-of-Service) Attack would have allowed hackers to crash Bitcoin nodes and alternative chains. Two years ago, the Bitcoin protocol engineer Braydon Fuller discovered a major uncontrolled memory resource consumption denial-of-service vulnerability (INVDoS), tracked as CVE-2018-17145, that affected the peer-to-peer network code of three implementations of Bitcoin and other blockchains, including Litecoin, Namecoin, […] Vulnerability
SecurityAffairs 2020-09-11 21:01:18 Threat actors target WordPress sites using vulnerable File Manager install (direct link) Experts reported threat actors are increasingly targeting a recently addressed vulnerability in the WordPress plugin File Manager. Researchers from WordPress security company Defiant observed a surge in the number of attacks targeting a recently addressed vulnerability in the WordPress plugin File Manager. In early September, experts reported that hackers were actively exploiting a critical remote […] Vulnerability Threat
SecurityAffairs 2020-09-11 12:24:55 Decrypting TLS connections with new Raccoon Attack (direct link) Boffins devised a new timing attack, dubbed Raccoon that could be exploited by threat actors to decrypt TLS-protected communications. Security researchers from universities in Germany and Israel have disclosed the details of a new timing attack, dubbed Raccoon, that could allow malicious actors to decrypt TLS-protected communications. The timing vulnerability resides in the Transport Layer […] Vulnerability Threat
SecurityAffairs 2020-09-10 11:47:34 BLURtooth flaw allows attacking Bluetooth encryption process (direct link) Bluetooth 4.0 through 5.0 versions are affected by the vulnerability dubbed BLURtooth which allows hackers to defeat Bluetooth encryption. A vulnerability dubbed BLURtooth affects certain implementations of Bluetooth 4.0 through 5.0 affects “dual-mode” Bluetooth devices, like modern smartphones. The vulnerability could be exploited by attackers to overwrite or lower the strength of the pairing key, […] Vulnerability
SecurityAffairs 2020-09-02 21:13:23 Cisco addresses critical code execution flaw in Cisco Jabber for Windows (direct link) Cisco addressed a critical remote code execution vulnerability affecting multiple versions of its Cisco Jabber for Windows operating system. Cisco has addressed a critical severity remote code execution flaw, tracked as CVE-2020-3495, that affects multiple versions of Cisco Jabber for Windows. Cisco Jabber for Windows is a desktop collaboration client that integrates users with presence, audio, video […] Vulnerability
SecurityAffairs 2020-09-02 14:58:04 Hackers are actively exploiting critical RCE in WordPress sites using File Manager plugin (direct link) Hackers actively exploiting a critical remote code execution vulnerability in the File Manager plugin, over 300,000 WordPress sites potentially exposed. Hackers are actively exploiting a critical remote code execution vulnerability in the File Manager WordPress plugin that could be exploited by unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable versions of the plugin. […] Vulnerability
SecurityAffairs 2020-08-31 18:06:53 Researchers warn of QNAP NAS attacks in the wild (direct link) Hackers target QNAP NAS devices running multiple firmware versions vulnerable to a remote code execution (RCE) flaw addressed by the vendor 3 years ago. Hackers are scanning the Internet for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions vulnerable to a remote code execution (RCE) vulnerability addressed by the vendor 3 years ago. […] Vulnerability
SecurityAffairs 2020-08-31 14:29:28 Hackers are trying to exploit DoS flaw in Cisco IOS XR software running in carrier-grade routers (direct link) Cisco warns that threat actors are attempting to exploit a high severity DoS flaw in its Cisco IOS XR software that runs on carrier-grade routers. Cisco warned over the weekend that attackers are trying to exploit a high severity memory exhaustion denial-of-service (DoS) vulnerability (CVE-2020-3566) affecting the Cisco IOS XR Network OS that runs on carrier-grade routers. Cisco IOS XR […] Vulnerability Threat
SecurityAffairs 2020-08-25 17:55:55 Expert discloses unpatched Safari flaw that allows stealing local files (direct link) A researcher disclosed technical details of an unpatched vulnerability in Apple's Safari web browser that can be exploited to steal files from the targeted system. An expert disclosed the details of an unpatched vulnerability in Apple's Safari web browser that can be exploited by attackers to steal files from a targeted system. The vulnerability was […] Vulnerability
SecurityAffairs 2020-08-20 22:03:34 Google fixed email spoofing flaw 7 hours after public disclosure (direct link) Google addressed an email spoofing vulnerability affecting Gmail and G Suite a few hours after it was publicly disclosed. Google addressed an email spoofing vulnerability affecting its Gmail and G Suite products a few hours after it was publicly disclosed, but the IT giant was aware of the flaw since April. On Wednesday, the researcher […] Vulnerability
SecurityAffairs 2020-08-20 17:52:14 Shared memory flaw in IBM Db2 can lead to Information Disclosure (direct link) IBM addressed a shared memory vulnerability in its Db2 data management solutions that could lead to information disclosure. IBM fixed a shared memory vulnerability in its Db2 data management products that can be exploited by malicious local users to access sensitive data. The vulnerability, which is tracked as CVE-2020-4414, was discovered by researchers from Trustwave, it […] Vulnerability Guideline
SecurityAffairs 2020-08-20 16:04:43 CVE-2020-3446 default credentials bug exposes Cisco ENCS, CSP Appliances to hack (direct link) Cisco addressed a critical default credentials vulnerability (CVE-2020-3446) affecting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco fixed a critical default credentials vulnerability impacting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco Wide Area Application Services (WAAS) is technology developed by Cisco Systems that optimizes […] Hack Vulnerability
SecurityAffairs 2020-08-19 07:42:42 Actively exploited CVE-2020-1464 Windows Spoofing flaw was known since 2018 (direct link) The actively exploited Windows spoofing vulnerability (CVE-2020-1464) recently patched by Microsoft has been known for more than two years. The actively exploited Windows spoofing flaw, tracked as CVE-2020-1464 and patched last week by Microsoft, has been known for more than two years, researchers revealed. Microsoft's August 2020 Patch Tuesday security updates addressed 120 vulnerabilities, including two zero-days […] Vulnerability
SecurityAffairs 2020-08-19 06:35:15 A flaw in Concrete5 CMS could have allowed website takeover (direct link) A remote code execution (RCE) vulnerability affecting the Concrete5 CMS exposed numerous servers to full takeover, experts warn. A recently addressed remote code execution (RCE) flaw in the Concrete5 CMS exposed numerous websites to attacks. Concrete5 is an open-source content management system (CMS) designed for ease of use, for users with a minimum of technical […] Vulnerability
SecurityAffairs 2020-08-18 17:55:05 Critical flaw in Jenkins Server can cause information disclosure (direct link) A critical vulnerability in Jenkins server software could result in memory corruption and cause confidential information disclosure. A critical vulnerability in Jenkins server software, tracked as CVE-2019-17638, could result in memory corruption and cause confidential information disclosure. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community. The […] Vulnerability
SecurityAffairs 2020-08-13 15:50:21 Microsoft failed to fix LSASS elevation of privilege flaw (direct link) Microsoft did not properly address an elevation of privilege flaw (CVE-2020-1509) in the Windows Local Security Authority Subsystem Service (LSASS). Google Project Zero researcher who discovered the elevation of privilege flaw (CVE-2020-1509) in the Windows Local Security Authority Subsystem Service (LSASS) warn that Microsoft did not properly address it. “An elevation of privilege vulnerability exists […] Vulnerability
SecurityAffairs 2020-08-11 08:14:27 Researcher discloses exploit code for a vBulletin zero-day (direct link) A researcher published details and proof-of-concept exploit code for a zero-day RCE vulnerability in the popular forum CMS vBulletin. The researcher Amir Etemadieh has published technical details and proof-of-concept exploit code for a zero-day remote code execution vulnerability in vBulletin, the popular forum software. The new vulnerability is a bypass for the security patch […] Vulnerability
SecurityAffairs 2020-08-11 07:01:46 TeamViewer flaw can allow hackers to steal System password (direct link) A severe vulnerability impacting TeamViewer for Windows, tracked as CVE 2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability (CVE 2020-13699), that could be exploited by remote attackers to steal system password and potentially compromise it. TeamViewer is a popular software application for remote control, […] Vulnerability ★★★
SecurityAffairs 2020-08-05 08:00:47 Flaw in popular NodeJS 'express-fileupload' module allows DoS attacks and code injection (direct link) Expert found a flaw in a popular NodeJS module that can allow attackers to perform a denial-of-service (DoS) attack on a server or get arbitrary code execution. The NodeJS module “express-fileupload,” which has more than 7.3 million times downloads from the npm repository. The NodeJS module is affected by a ‘Prototype Pollution’ CVE-2020-7699 vulnerability that can allow attackers to perform a denial-of-service (DoS) attack on a […] Vulnerability
SecurityAffairs 2020-08-02 08:35:39 A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account (direct link) A critical flaw in the wpDiscuz WordPress plugin could be exploited by remote attackers to execute arbitrary code and take over the hosting account. Security experts from Wordfence discovered a critical vulnerability impacting the wpDiscuz WordPress plugin that is installed on over 80,000 sites. The vulnerability could be exploited by attackers to execute arbitrary code […] Vulnerability
SecurityAffairs 2020-07-31 14:51:38 Cisco fixes critical and high-severity flaws in Data Center Network Manager (direct link) Cisco addressed critical and high-severity vulnerabilities affecting its Data Center Network Manager (DCNM) network management platform. Cisco addressed this week some critical and high-severity vulnerabilities impacting its Data Center Network Manager (DCNM) network management platform. One of the most security issues is a critical authentication bypass vulnerability, tracked as CVE-2020-3382. The vulnerability can allow a remote, unauthenticated attacker […] Vulnerability
SecurityAffairs 2020-07-25 11:35:15 (Déjà vu) US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP (direct link) The U.S. CISA is warning of the active exploitation of the unauthenticated remote code execution CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about the active exploitation of the unauthenticated remote code execution (RCE) CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. The alert includes additional […] Vulnerability
SecurityAffairs 2020-07-24 12:51:12 CVE-2020-3452 flaw in Cisco ASA/FTD exploited within hours after the disclosure (direct link) Cisco fixed CVE-2020-3452 high-severity path traversal flaw in its firewalls that can be exploited by remote attackers to obtain sensitive files from the targeted system. Cisco addressed a high-severity path traversal vulnerability in its firewalls, tracked as CVE-2020-3452, that can be exploited by remote attackers to obtain potentially sensitive files from the targeted system. Cisco […] Vulnerability
SecurityAffairs 2020-07-23 16:36:59 PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack (direct link) Expert release a PoC exploit code for a recently addressed critical flaw in Microsoft SharePoint, .NET Framework, and Visual Studio. CVE-2020-1147 is a critical vulnerability in .NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The flaw is caused by the lack […] Hack Vulnerability
SecurityAffairs 2020-07-22 11:49:19 Citrix Workspace flaw can allow remote hack of devices running vulnerable app (direct link) Citrix addressed a vulnerability in its Citrix Workspace app that can allow an attacker to remotely hack the computer running the vulnerable application. Citrix has patched a high severity vulnerability, tracked as CVE-2020-8207, affecting its Workspace app that can be exploited by an attacker to remotely hack the computer running the flawed application. The flaw affects […] Hack Vulnerability
SecurityAffairs 2020-07-20 05:58:00 A flaw in Zoom's Vanity URL feature could have been exploited in phishing attacks (direct link) A vulnerability affecting the Zoom feature dubbed Vanity URL could have been exploited by hackers for phishing attacks. A vulnerability affecting the Zoom feature dubbed Vanity URLs could have been exploited by hackers for phishing attacks. The popularity of the Zoom video conferencing service exploded during the COVID-19 outbreak when it was chosen by organizations, schools, […] Vulnerability
SecurityAffairs 2020-07-18 14:34:16 Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability (direct link) Hackers have been scanning the Internet for SAP systems affected by RECON vulnerability, researchers from Bad Packets warn. Researchers from Bad Packets reported that threat actors have been scanning the Internet for SAP systems affected by RECON vulnerability, tracked as CVE-2020-6287. Immediately after a researcher released a proof-of-concept (PoC) exploit for the RECON vulnerability, […] Vulnerability Threat
SecurityAffairs 2020-07-17 11:25:50 DHS CISA urges government agencies to fix SIGRed Windows Server DNS bug within 24h (direct link) US DHS CISA urges government agencies to patch SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being exploited. The US DHS CISA issued an emergency directive urging government agencies to patch the recently disclosed SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being […] Vulnerability
SecurityAffairs 2020-07-14 21:10:30 Microsoft fixes critical wormable RCE SigRed in Windows DNS servers (direct link) Microsoft’s Patch Tuesday security updates for July 2020 addressed a 17-year-old wormable vulnerability for hijacking Microsoft Windows Server dubbed SigRed. Microsoft’s Patch Tuesday addressed a 17-year-old wormable vulnerability for hijacking Microsoft Windows Server tracked CVE-2020-1350 and dubbed SigRed. The issue received a severity rating of 10.0 on the CVSS scale and affects Windows Server versions […] Vulnerability
SecurityAffairs 2020-07-14 10:07:52 Critical SAP Recon vulnerability exposes thousands of system to full take over (direct link) IT giant SAP addressed a critical flaw, tracked as CVE-2020-6287 and dubbed RECON, that could allow attackers to take over corporate servers. SAP has released security patches to address a critical vulnerability, tracked as CVE-2020-6287 and dubbed RECON (Remotely Exploitable Code On NetWeaver), that could be exploited by attackers to take over corporate servers. The […] Vulnerability
SecurityAffairs 2020-07-14 08:10:25 New Mirai variant includes exploit for a flaw in Comtrend Routers (direct link) Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers. The Mirai botnet was first discovered in August 2016 by […] Malware Vulnerability
SecurityAffairs 2020-07-10 10:09:52 KingComposer fixes a reflected XSS impacting 100,000 WordPress sites (direct link) An XSS vulnerability in the KingComposer page builder for WordPress impacts 100,000 websites using the WordPress plugin. Researchers at Wordfence Threat Intelligence team discovered a reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2020-15299, in the KingComposer WordPress plugin that potentially impacts 100,000 websites. KingComposer a fast drag-and-drop page builder for WordPress websites, which comes complete with top-notch features embedded and […] Vulnerability Threat ★★
SecurityAffairs 2020-07-09 23:11:06 (Déjà vu) Zoom is working on a patch for a zero-day in Windows client (direct link) Researchers from cyber-security firm ACROS Security have disclosed a zero-day vulnerability in the Windows client of the popular Zoom video conferencing platform. Researchers from cyber-security firm ACROS Security have disclosed a zero-day vulnerability in the Windows client of the video conferencing software Zoom. The vulnerability is a remote code execution issue, which could allow the […] Vulnerability
Last update at: 2024-05-13 00:07:47