Latest zero-days Total: 376, in 2018: Zero-days 3, candidates: 0

Remote code execution in PyBitmessage

The vulnerability was used in the wild against PyBitmessage v0.6.2 users. According to vendor's notice, Bitmessage developer Peter Ĺ urda's Bitmessage addresses were compromised as well by the attackers.

Remote code execution in Adobe Flash Player
CVE-2018-4878

DOGCALL
Rokrat

KR-CERT reported in the wild exploitation of zero-day vulnerability in the latest version of Adobe Flash Player. According to the South Korean Computer Emergency Response Team (KR-CERT), the exploit has being used in the wild since mid-November 2017.

Security experts for FireEye linked the vulnerability to the hacking group TEMP.Reaper. The IP-addresses from which attacks were connected with the C&C-servers belong to the Internet provider Star JV - a joint venture of North Korea and Thailand.

Cisco Talos observed use of vulnerability in attacks conducted by Group 123.

According to FireEye, after successful exploitation of the vulnerability the system is infected with DOGCALL malware.

Cisco Talos specialists also reported cyberattacks using the malicious software, which they called Rokrat.

Remote code execution in Huawei HG532 routers
CVE-2017-17215

Satori botnet, Mirai malware

The vulnerability has been used in Satori attacks against Huawei's router model HG532. The most targeted countries include the United States, Italy, Germany, and Egypt.

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.