Latest zero-days Total: 388, in 2018: Zero-days 13, candidates: 0

CSRF in multiple DrayTek routers

Vulnerability exploitation was spotted by users of DrayTek routers. Attackers used CSRF vulnerability to change DNS settings of multiple routers to address:

Multiple vulnerabilities in Adobe Reader and Acrobat

JS/Exploit.Pdfka.QNV trojan (ESET)

In March 2018 ESET detected attacks using two zero-day vulnerabilities in Microsoft win32k.sys driver (CVE-2018-8120) and and Adobe Acrobat.

Privilege escalation in Microsoft Windows win32k.sys driver

Win32/Exploit.CVE-2018-8120.A trojan (ESET)

The vulnerability was reported by ESET in March 2018. The attackers used this vulnerability along with double free error in Adobe Acrobat CVE-2018-4990.

Remote denial of service in Matrix Synapse

The attack was performed on Sunday, April 29 against and that made the rooms temporarily unusable.

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.