Tag: Zero-day vulnerability

Apache OFBiz Vulnerability Exposes Millions of Systems

SonicWall detects zero-day AuthBIZ flaw in Apache OFBiz

The cyber world has been rattled by the recent discovery of a critical zero-day vulnerability in Apache OFBiz, known as CVE-2023-51467. Researchers at SonicWall unveiled this flaw, which poses a significant threat by enabling attackers to bypass authentication and carry out a Server-Side Request Forgery (SSRF). The vulnerability is severe, with a CVSS score of… Continue reading Apache OFBiz Vulnerability Exposes Millions of Systems

Exim Vulnerability Allows RCE, No Patches Available

A massively-popular solution for establishing mailing clients appears to have a critical vulnerability

Exim Internet Mailer, a program massively used as a basis for mailing servers, appears to have a remote code execution vulnerability. By overflowing the buffer, hackers can make the program execute whatever code they need. Despite several reports to the developer, the patch is still not available. What is Exim? Exim is a mail transfer… Continue reading Exim Vulnerability Allows RCE, No Patches Available

Can Zero-Day Attacks Be Prevented With Patches?

Patches to 0-day breaches are offered as a magic pill. But are they?

In recent years, zero-day exploits and attacks have become prominent emerging threats. These attacks take advantage of unknown vulnerabilities within software, which makes them almost impossible to detect and prevent. Zero-day attacks can have dire consequences, allowing attackers to take control of systems, steal data, or install malware. What is a Zero-Day attack? A zero-day… Continue reading Can Zero-Day Attacks Be Prevented With Patches?

Pegasus Spyware — The Most Dangerous Malware

Pegasus is an infamous spying tool developed by NSO Group

Pegasus Spyware is a malicious program that is covered with multiple layers of secrets, rumours and false claims. That military-grade malware is something like a legend, that sometimes makes people think it is rather mythical than real. Still, the real Pegasus appears from time to time, just to notify everyone that it is still the… Continue reading Pegasus Spyware — The Most Dangerous Malware

Zero-Day Vulnerability: Understanding the Real Threats

Zero-day vulnerabilities, Zero-day exploits, Exploit

Zero-day vulnerability are the real mess of a modern cybersecurity world. You may have a perfect protection system established in your network, and your employees may be warned and ready to react properly if something goes wrong, but that still is not enough to say that a zero-day threat is avoided. So is there a… Continue reading Zero-Day Vulnerability: Understanding the Real Threats