Using Fuzzing to Mine for Zero-Days
Infosec Insider Derek Manky discusses how new technologies and economic models are facilitating fuzzing in today's security landscape.
View ArticleMicrosoft IE Zero Day Gets Emergency Patch
Microsoft issued an out-of-band patch for a zero day bug in its Internet Explorer browser.
View ArticleZerodium Raises Zero-Day Payout Ceiling to $2M
Apple exploits will fetch the highest price.
View ArticleIDenticard Zero-Days Allow Corporate Building Access, Location Recon
Multiple hardcoded passwords allow attackers to create badges to gain building entry, access video surveillance feeds, manipulate databases and more.
View ArticleWordPress Users Urged to Delete Zero-Day-Ridden Plugin
The development team of the vulnerable Total Donations plugin appears to have abandoned it, and did not respond to inquiries from researchers.
View ArticleMacOS Zero-Day Exposes Apple Keychain Passwords
A researcher who discovered a flaw letting him steal passwords in MacOS is not sharing his findings with Apple without a macOS bug bounty program.
View ArticleAdobe Re-Patches Critical Acrobat Reader Flaw
Adobe has issued yet another patch for a critical vulnerability in its Acrobat Reader - a week after the original fix.
View ArticleProject Zero Discloses High-Severity Apple macOS Flaw
Google Project Zero researchers detailed a new high-severity macOS flaw after Apple failed to patch it by the 90-day disclosure deadline.
View ArticleRSAC 2019: Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes
Researchers say that Microsoft won't issue a patch for the issue.
View ArticleThreat Groups SandCat, FruityArmor Exploiting Microsoft Win32k Flaw
Newly patched CVE-2019-0797 is being actively exploited by two APTs, FruityArmor and SandCat.
View Article
