ZDNet Zero Day

Subscribe to ZDNet Zero Day feed ZDNet Zero Day
ZDNet | security RSS
Updated: 20 hours 49 min ago

TPM-FAIL vulnerabilities impact TPM chips in desktops, laptops, servers

Tue, 11/12/2019 - 22:23
TPM-FAIL lets attackers steal private keys from TPMs. Attacks take from minutes to a few hours.
Categories: Security News

Microsoft's November 2019 Patch Tuesday arrives with a patch for an IE zero-day

Tue, 11/12/2019 - 15:48
The November 2019 Patch Tuesday fixes 74 vulnerabilities, of which 13 are rated "Critical."
Categories: Security News

Intel, Mozilla, Red Hat, and Fastly partner to make WebAssembly a cross-platform runtime

Tue, 11/12/2019 - 13:04
The Bytecode Alliance's main goal is to promote the use of security-hardened WebAssembly tools.
Categories: Security News

Flaw in Intel PMx driver gives 'near-omnipotent control over a victim device'

Tue, 11/12/2019 - 12:00
Intel released an updated version of pmxdrvx64.sys and pmxdrv.sys; however, patching might take a while.
Categories: Security News

Intel's Cascade Lake CPUs impacted by new Zombieload v2 attack

Tue, 11/12/2019 - 12:00
Zombieload v2 impacts Intel CPUs released since 2013, if they support the Intel TSX instruction set.
Categories: Security News

Manual code review finds 35 vulnerabilities in 8 enclave SDKs

Tue, 11/12/2019 - 12:00
All issues have been privately reported and patches are available.
Categories: Security News

McAfee antivirus software impacted by code execution vulnerability

Tue, 11/12/2019 - 10:05
The severe security flaw can bypass self-defense mechanisms.
Categories: Security News

Mexico’s Pemex oil provider says attempted hack ‘neutralized’

Tue, 11/12/2019 - 04:23
A suspected attack involving Ryuk impacted less than five percent of systems.
Categories: Security News

Facebook ordered to remove fake cryptocurrency adverts featuring celebrity

Tue, 11/12/2019 - 02:54
A Dutch court has demanded that Facebook ups its game when it comes to ad fraud.
Categories: Security News

New Buran ransomware-as-a-service tempts criminals with discount licenses

Mon, 11/11/2019 - 03:52
A new RaaS offering is attempting to undercut competitors to become established in the lucrative criminal space.
Categories: Security News

BlueKeep exploit to get a fix for its BSOD problem

Sun, 11/10/2019 - 23:30
Microsoft's Meltdown patch was causing BlueKeep attacks to crash on some systems.
Categories: Security News

Major ASP.NET hosting provider infected by ransomware

Sun, 11/10/2019 - 09:55
SmarterASP.NET, a company with more than 440,000 customers, said it's been hit by ransomware over the weekend.
Categories: Security News

Apple Mail on macOS leaves parts of encrypted emails in plaintext

Fri, 11/08/2019 - 15:37
Apple has known since July, but a fix is still not available.
Categories: Security News

Phones and PCs sold in Russia will have to come pre-installed with Russian apps

Fri, 11/08/2019 - 12:29
Russian lawmakers say the bill will protect Russian software companies from abuses by foreign tech firms.
Categories: Security News

Platinum APT’s new Titanium backdoor mimics popular PC software to stay hidden

Fri, 11/08/2019 - 09:56
The group uses encryption, fileless technologies, and mimicry to stay under the radar.
Categories: Security News

ConnectWise warns of ongoing ransomware attacks targeting its customers

Fri, 11/08/2019 - 07:25
Hackers are trying to break into on-premise ConnectWise Automate systems and install ransomware on customer networks.
Categories: Security News

Nvidia patches severe GeForce, GPU vulnerabilities

Fri, 11/08/2019 - 06:59
The worst bugs paved the way for code execution and information leaks.
Categories: Security News

Aventura charged for flogging Chinese spy equipment to US gov’t with security vulnerabilities

Fri, 11/08/2019 - 05:28
The company also falsely claimed the equipment was made in the United States.
Categories: Security News

Microsoft warns users to stay alert for more BlueKeep attacks

Thu, 11/07/2019 - 21:39
Microsoft: BlueKeep exploit will likely be used to deliver payloads more impactful and damaging than coin miners.
Categories: Security News

DNS-over-HTTPS will eventually roll out in all major browsers, despite ISP opposition

Thu, 11/07/2019 - 18:09
DoH support is already present in all major browsers. Users just have to enable it and configure it.
Categories: Security News