CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections Zero Day Initiative threat researchers discovered CVE... 2024-8-15 23:41:52 | 阅读: 25 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com webdav windows microsoft protections smartscreen

The August 2024 Security Update Review I have successfully survived Summer Hacker Camp, and I hope you have too. And we return just in t... 2024-8-14 02:5:1 | 阅读: 16 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft windows attacker substance elevation

Introducing the Vanguard Awards This year at Black Hat USA, Trend Micro’s Zero Day Initiative (ZDI) will award our inaugural Vang... 2024-8-5 22:0:0 | 阅读: 3 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com award awards submissions zdi enclosure

Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 3 To wrap up this blog series we wanted to include one more technique that you can use when exploiti... 2024-8-1 23:0:0 | 阅读: 15 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com windows papercut zdi

Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2 The number of vulnerabilities that we see through the... 2024-7-31 22:48:13 | 阅读: 18 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com alternate eset security ekrn eicar

Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 1 The number of link following vulnerabilities submitte... 2024-7-30 22:13:24 | 阅读: 9 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com avastsvc reparse junction windows

Multiple Vulnerabilities in the Deep Sea Electronics DSE855 Recently, Trend Micro’s ZDI has published multiple ad... 2024-7-26 02:58:0 | 阅读: 10 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com zdi software overflow sea

Announcing Pwn2Own Ireland – Bringing Pwn2Own (and WhatsApp) to the Emerald Isle If you just want to read the rules, you can find them... 2024-7-18 21:12:11 | 阅读: 28 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com contest pwn2own contestants network synology

Uncoordinated Vulnerability Disclosure: The Continuing Issues with CVD On patch Tuesday last week, Microsoft released an update for CVE-2024-38112, which they said was... 2024-7-15 22:49:53 | 阅读: 10 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft security zdi cvd

The July 2024 Security Update Review We’re just past the halfway point of 2024, and as expected, Microsoft and Adobe have released the... 2024-7-10 01:29:22 | 阅读: 13 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft windows cves remote licensing

Getting Unauthenticated Remote Code Execution on the Logsign Unified SecOps Platform Earlier this year, the Trend Micro Zero Day Initiativ... 2024-7-2 00:56:53 | 阅读: 9 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com logsign attacker python injection

The June 2024 Security Update Review Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released... 2024-6-12 01:31:11 | 阅读: 12 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft attacker attackers cves windows

CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server and Cloud Yes, the title is right. This blog covers an XML eXte... 2024-5-30 23:44:46 | 阅读: 10 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com xmlresolver microsoft

MindShaRE: Decapping Chips for Electromagnetic Fault Injection (EMFI) Recently, the automotive VR team has undertaken an ef... 2024-5-24 00:19:47 | 阅读: 5 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com acid decapping sulfuric hot

The May 2024 Security Update Review Welcome to the second Tuesday of May. As expected, Adobe and Microsoft have released their standa... 2024-5-15 01:28:20 | 阅读: 14 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft attacker windows bypass

CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own In this guest blog from Master of Pwn winner Cody Gall... 2024-5-10 02:8:55 | 阅读: 6 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com vbe vga hevent ioport vgastate

CVE-2024-2887: A Pwn2Own Winning Bug in Google Chrome In this guest blog from Master of Pwn winner Manfred P... 2024-5-3 00:14:11 | 阅读: 21 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com recursive webassembly confusion declared

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability In this excerpt of a Trend Micro Vulnerability Researc... 2024-4-17 21:0:0 | 阅读: 28 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com rarvm library bytecode fileheader offsets

The April 2024 Security Updates Review It’s the second Tuesday of the month, and Adobe and Microsoft have released a fresh crop of secur... 2024-4-10 01:49:6 | 阅读: 11 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft attacker windows cves dhcp

Pwn2Own Vancouver 2024 - Day Two Results March 21, 2024 | Dustin Childs... 2024-3-21 23:58:13 | 阅读: 16 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com pwn2own chrome microsoft exciting yesterday