zero-day | Breaking Cybersecurity News | The Hacker News

The US government, particularly the National Security Agency  has been paying a French security firm for backdoors and zero day hacks. According to a contract newly released in response to a Freedom of Information request, last year the NSA purchased a 12-month subscription to a " binary analysis and exploits service " sold by Vupen, a zero-day Exploit Seller based in France. VUPEN is one of a handful of companies that sell software exploits and vulnerability details, who do original vulnerability research and develop exploits for bugs that they find. They Sold those exploits to the Governments and Law enforcement agencies. VUPEN has promised that the company only will sell its services to NATO countries and will not deal with oppressive regimes. It is unclear how much money the NSA spent on the Vupen exploits package because the cost has been redacted in the released contract. Last year, Vupen researchers successfully cracked Google's Chrome browser, but declined to

All supported versions of Internet Explorer are vulnerable to a zero-day Exploit that is currently being exploited in targeted attacks against IE 8 and IE 9, dubbed " CVE-2013-3893 MSHTML Shim Workaround ". Microsoft confirmed that the flaw was unknown before the attacks and that it is already working on an official patch, meantime Microsoft released an emergency software fix for Internet Explorer (IE) Web browser. Advisory noted that Microsoft is investigating public reports of a remote code execution vulnerability in Internet Explorer. This issue could allow remote code execution if an affected system browses to a website containing malicious content directed towards the specific browser type. Victims could be infected despite the adoption of all necessary countermeasures due the nature of the flaw previously unknown. The flaw that has been recently targeted by hackers during attacks is considerable serious and complicated to fix. State-sponsored hackin

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

A new Java 0-day vulnerability has been discovered, already wind in use by an exploit pack, taking advantage of a fresh zero-day vulnerability in Java and potentially letting hackers take over users' machines. Java 7 Update 10 and earlier contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The flaw was first spotted by 'Malware Don't Need Coffee' blog . This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. This exploit is already available in two Exploit Packs, that is available for $700 a quarter or $1,500 for a year. Similar tactics were used in CVE-2012-4681 , which was discovered last August. Source of this new Exploit available to download Here . The two most popular exploits packs used by hackers to distribute malware, the BlackHole Exploit Kit and the Cool Exploit Kit already having this latest Java Zero-Day exploit. Blackhole ki

Symantec product PGP Whole Disk Encryption which is used to encrypt all the contents on the disk on a block-by-block basis having Zero-Day Vulnerability, according to a pastebin note . Note was posted on 25th Dec by Nikita Tarakanov , claiming that  pgpwded.sys kernel driver distributed with Symantec PGP Desktop contains an arbitrary memory overwrite vulnerability. Affected version of software is Symantec PGP Desktop 10.2.0 Build 2599 (up-to date). Through a blog post , Symantec confirmed that its a potential issue, but it cannot easily be exploited. Vulnerability is limited to systems running Windows XP and Windows 2003 only. An attacker would need local access to a vulnerable computer to exploit this vulnerability. Note posted by Nikita also provide technical details on the issue, that help Symantec encryption engineering team to understand the issue. " However, the exploit would be very difficult to trigger as it relies on the system entering an error condition f

Researcher discovered Multiple Zero-day vulnerabilities in MySQL database software including Stack based buffer overrun, Heap Based Overrun, Privilege Elevation, Denial of Service and  Remote Preauth User Enumeration. Common Vulnerabilities and Exposures (CVE) assigned as : CVE-2012-5611 — MySQL (Linux) Stack based buffer overrun PoC Zeroday CVE-2012-5612 — MySQL (Linux) Heap Based Overrun PoC Zeroday CVE-2012-5613 — MySQL (Linux) Database Privilege Elevation Zeroday Exploit CVE-2012-5614 — MySQL Denial of Service Zeroday PoC CVE-2012-5615 — MySQL Remote Preauth User Enumeration Zeroday Currently, all reported bugs are under review and most of the researchers believed that some of these can be duplicate of an existing bugs. CVE-2012-5612 and CVE-2012-5614 could cause the SQL instance to crash, according to researchers. Where as another interesting bug CVE-2012-5615 allow attacker to find out that either any username exist on the Mysql server or not by repl

Group-IB , a Russian cybercrime investigation company has discovered a zero-day vulnerability, affects Adobe Reader X and Adobe Reader XI. The vulnerability is also included in new modified version of Blackhole Exploit-Kit , which is used for the distributing the banking Trojans (Zeus, Spyeye, Carberp, Citadel) with the help of exploitation different vulnerabilities in client-side software. The particular exploit is available in underground forums for as much as $50,000 and bug is dangerous because it permits cybercriminals to run arbitrary shellcode by bypassing the sandbox feature integrated into the more recent versions of Adobe Reader. For now this flaw is distributed only in only small circles of the underground but it has the potential for much larger post-exploitation methods. The exploit is limited to  Microsoft Windows installations of Adobe Reader and it can't be fully executed until the user closes his Web browser (or Reader). Adobe representatives said that