Datum | Název | Blog | Companies |
7.11.20 | Google discloses Windows zero‑day bug exploited in the wild | Exploit blog | Eset |
30.10.20 | Exploit Developer Spotlight: The Story of PlayBit | Exploit blog | Checkpoint |
30.10.20 | Over 100,000 machines remain vulnerable to SMBGhost exploitation | Exploit blog | Eset |
3.10.20 | Graphology of an Exploit – Hunting for exploits by looking for the author’s fingerprints | Exploit blog | Checkpoint |
3.10.20 | Microsoft Netlogon exploitation continues to rise | Exploit blog | Cisco Talos |
5.9.20 | Exploits in the Wild for vBulletin Pre-Auth RCE Vulnerability CVE-2020-17496 | Exploit blog | Palo Alto Unity42 |
30.8.20 | The State of Exploit Development: 80% of Exploits Publish Faster than CVEs | Exploit blog | Palo Alto Unity42 |
15.8.20 | MMS Exploit Part 5: Defeating Android ASLR, Getting RCE | Exploit blog | Project Zero |
5.8.20 | | Exploit blog | Project Zero |
5.8.20 | Exploiting Android Messengers with WebRTC: Part 2 | Exploit blog | Project Zero |
5.8.20 | MMS Exploit Part 4: MMS Primer, Completing the ASLR Oracle | Exploit blog | Project Zero |
5.8.20 | Exploiting Android Messengers with WebRTC: Part 1 | Exploit blog | Project Zero |
5.8.20 | The core of Apple is PPL: Breaking the XNU kernel's kernel | Exploit blog | Project Zero |
5.8.20 | One Byte to rule them all | Exploit blog | Project Zero |
5.8.20 | Root Cause Analyses for 0-day In-the-Wild Exploits | Exploit blog | Project Zero |
5.8.20 | Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019 | Exploit blog | Project Zero |
5.8.20 | MMS Exploit Part 3: Constructing the Memory Corruption Primitives | Exploit blog | Project Zero |
5.8.20 | MMS Exploit Part 2: Effective Fuzzing of the Qmage Codec | Exploit blog | Project Zero |
26.7.20 | MMS Exploit Part 2: Effective Fuzzing of the Qmage Codec | Exploit blog | Checkpoint |
19.7.20 | MMS Exploit Part 1: Introduction to the Samsung Qmage Codec and Remote Attack Surface | Exploit blog | Project Zero |
17.7.20 | SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers | Exploit blog | Checkpoint |
12.7.20 | How to unc0ver a 0-day in 4 hours or less | Exploit blog | Project Zero |
12.7.20 | FF Sandbox Escape (CVE-2020-12388) | Exploit blog | Project Zero |
12.7.20 | A survey of recent iOS kernel exploits | Exploit blog | Project Zero |
23.5.20 | Safe-Linking – Eliminating a 20 year-old malloc() exploit primitive | Exploit blog | Checkpoint |
9.5.20 | Cybercriminals Actively Exploiting RDP to Target Remote Organizations | Cyber blog Exploit blog | Mcafee blog |
11.4.20 | Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill — Intelligence for Vulnerability Management, Part One | Exploit blog | FireEye |
28.3.20 | “I want to learn about exploitation! Where do I start?” | Exploit blog | Checkpoint |
14.3.20 | Beware scams exploiting coronavirus fears | Exploit blog | Eset |
22.2.20 | Mitigations are attack surface, too | Exploit blog | Project Zero |
22.2.20 | Escaping the Chrome Sandbox with RIDL | Exploit blog | Project Zero |
15.2.20 | A day^W^W Several months in the life of Project Zero - Part 2: The Chrome exploit of suffering | Exploit blog | Project Zero |
15.2.20 | A day^W^W Several months in the life of Project Zero - Part 1: The Chrome bug of suffering | Exploit blog | Project Zero |
15.2.20 | Mitigations are attack surface, too | Exploit blog | Project Zero |
1.2.20 | Part II: Returning to Adobe Reader symbols on macOS | Exploit blog | Project Zero |
25.1.20 | An Inside Look into Microsoft Rich Text Format and OLE Exploits | Exploit blog | Mcafee blog |
19.1.20 | Exploits in the Wild for Citrix ADC and Citrix Gateway Directory Traversal Vulnerability CVE-2019-19781 | Exploit blog | Palo Alto Unity42 |
18.1.20 | 404 Exploit Not Found: Vigilante Deploying Mitigation for Citrix NetScaler Vulnerability While Maintaining Backdoor | Exploit blog | FireEye |
11.1.20 | Remote iPhone Exploitation Part 3: From Memory Corruption to JavaScript and Back -- Gaining Code Execution | Exploit blog | Project Zero |
11.1.20 | Remote iPhone Exploitation Part 2: Bringing Light into the Darkness -- a Remote ASLR Bypass | Exploit blog | Project Zero |
11.1.20 | Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641 | Exploit blog | Project Zero |