Security News

New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug
2020-05-25 01:02

The hacking team behind the "Unc0ver" jailbreaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version. The unc0ver website also highlighted the extensive testing that went behind the scenes to ensure compatibility across a broad range of devices, from iPhone 6S to the new iPhone 11 Pro Max models, spanning versions iOS 11.0 through iOS 13.5, but excluding versions 12.3 to 12.3.2 and 12.4.2 to 12.4.5.

Hackers Actively Exploit 0-Day in CCTV Camera Hardware
2020-03-23 20:35

Multiple zero-day vulnerabilities were actively being exploited in CCTV security cameras manufactured by Taiwan-based LILIN, researchers found. The company, an IP video solution provider, was being targeted by hackers hijacking the company's DVR hardware.

Hackers Actively Exploit 0-Day in CCTV Camera Hardware
2020-03-23 20:35

Multiple zero-day vulnerabilities were actively being exploited in CCTV security cameras manufactured by Taiwan-based LILIN, researchers found. The company, an IP video solution provider, was being targeted by hackers hijacking the company's DVR hardware.

Warning — Two Unpatched Critical 0-Day RCE Flaws Affect All Windows Versions
2020-03-23 12:18

Microsoft today issued a new security advisory warning billions of Windows users of two new critical, unpatched zero-day vulnerabilities that could let hackers remotely take complete control over targeted computers. According to Microsoft, both unpatched flaws are being used in limited, targeted attacks and impact all supported versions of the Windows operating system-including Windows 10, 8.1 and Server 2008, 2012, 2016, and 2019 editions, as well as Windows 7 for which Microsoft ended its support on January 14, 2020.

Multiple DDoS Botnets Exploited 0-Day Flaws in LILIN DVR Surveillance Systems
2020-03-21 01:39

Multiple zero-day vulnerabilities in digital video recorders for surveillance systems manufactured by Taiwan-based LILIN have been exploited by botnet operators to infect and co-opt vulnerable devices into a family of denial-of-service bots. The findings come from Chinese security firm Qihoo 360's Netlab team, who say different attack groups have been using LILIN DVR zero-day vulnerabilities to spread Chalubo, FBot, and Moobot botnets at least since August 30, 2019.

Multiple DDoS Botnets Exploited 0-Day Flaws in LILIN DVR Surveillance Systems
2020-03-21 01:39

Multiple zero-day vulnerabilities in digital video recorders for surveillance systems manufactured by Taiwan-based LILIN have been exploited by botnet operators to infect and co-opt vulnerable devices into a family of denial-of-service bots. The findings come from Chinese security firm Qihoo 360's Netlab team, who say different attack groups have been using LILIN DVR zero-day vulnerabilities to spread Chalubo, FBot, and Moobot botnets at least since August 30, 2019.

Zyxel 0day Affects its Firewall Products, Too
2020-02-26 14:43

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products.

Install Latest Chrome Update to Patch 0-Day Bug Under Active Attacks
2020-02-25 03:47

Google yesterday released a new critical software update for its Chrome web browser for desktops that will be rolled out to Windows, Mac, and Linux users over the next few days. The latest Chrome 80.0.3987.122 includes security fixes for three new vulnerabilities, all of which have been marked 'HIGH' in severity, including one that has been reportedly exploited in the wild.

Zyxel Fixes 0day in Network Storage Devices
2020-02-24 17:13

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage devices that can be used to remotely commandeer them. Holden said the seller of the exploit code - a ne'er-do-well who goes by the nickname "500mhz" -is known for being reliable and thorough in his sales of 0day exploits.

Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!
2020-01-09 02:34

Attention! Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems? If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla's website.