zero day (4)

The cost of zero-day exploits has always been high, especially if they allow an attacker to remotely execute code on a host machine. But why pay hundreds of thousands of dollars for a 0-day when a relatively simple drive-by attack doesn’t need one and can achieve much the same result? That’s what interested an Imperva security researcher who has published a report on a new drive-by attack using something called the Evil Code Editor. Here’s what you need to know.

“A remote code execution chain i

A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which named the activity ArcaneDoor, attributed it to a previously undocumented, sophisticated state-sponsored actor it tracks under the name UAT4356 (aka Storm-1849 by Microsoft). "UAT4356 deployed two backdoors as components of this campaign, 'Line Runner' and 'Line Dancer,' which were used collectiv

Palo Alto Networks has released fixes for a zero-day vulnerability affecting its GlobalProtect VPN product that is being targeted following its disclosure last week. Hotfixes for the vulnerability, tracked as CVE-2024-3400, were recently published, as promised in an urgent notice about the bug on 12 April. The zero-day carries the highest possible severity score of 10.[1]

Security company Volexity, which Palo Alto credited with discovering the bug, said it “is highly likely” the attacker behind t

Fortinet warns that a recently addressed FortiOS vulnerability has been exploited by a sophisticated threat actor in highly targeted attacks against governmental and government-related entities. Patched last week, the bug is tracked as CVE-2022-41328 and is described as a medium-severity path traversal issue leading to command execution. When it announced the availability of fixes, Fortinet failed to mention that this was actually a zero-day vulnerability.[1] “An improper limitation of a path