Safeguard
Tag

zero-day

Safeguard articles tagged "zero-day" — guides, analysis, and best practices for software supply chain and application security.

80 articles

Vulnerability Analysis

Palo Alto PAN-OS Zero-Day CVE-2024-3400: Command Injection in GlobalProtect

A critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProtect feature was exploited as a zero-day, giving attackers root access to firewalls protecting enterprise networks.

Apr 12, 20245 min read
Vulnerability Analysis

Ivanti Connect Secure Zero-Day: CVE-2024-21887 and CVE-2023-46805 Exploited in the Wild

Two chained zero-days in Ivanti Connect Secure VPN appliances gave attackers unauthenticated remote code execution. Here's what happened and why perimeter devices remain a favorite target.

Jan 10, 20245 min read
Vulnerability Management

A History of Browser Sandbox Escapes and What They Teach Us

Browser sandboxes are the last line of defense against web-based attacks. When they fail, everything is exposed. Here is what the major escapes reveal.

Oct 25, 20235 min read
Vulnerability Analysis

Cisco IOS XE CVE-2023-20198: Tens of Thousands of Devices Implanted

A critical zero-day in Cisco IOS XE's web UI allowed unauthenticated attackers to create admin accounts and deploy implants on over 40,000 devices worldwide.

Oct 16, 20235 min read
Zero-Day Exploits

Cisco IOS XE CVE-2023-20198: The Zero-Day That Compromised Tens of Thousands of Network Devices

CVE-2023-20198 in Cisco IOS XE allowed unauthenticated attackers to create admin accounts on network devices. Over 40,000 devices were compromised before Cisco shipped a fix.

Oct 16, 20236 min read
Vulnerability Analysis

WinRAR Zero-Day CVE-2023-38831: Weaponized Archives in the Wild

A WinRAR vulnerability exploited since April 2023 allowed attackers to execute arbitrary code when users opened seemingly harmless files inside ZIP archives.

Aug 20, 20235 min read
Vulnerability Analysis

Ivanti EPMM Zero-Day CVE-2023-35078: Norwegian Government Breach

A critical authentication bypass in Ivanti's Endpoint Manager Mobile was exploited to breach Norwegian government agencies, earning a perfect CVSS 10.0 score.

Aug 8, 20234 min read
Vulnerability Analysis

Citrix NetScaler Zero-Day CVE-2023-3519: Mass Exploitation in the Wild

CVE-2023-3519 allowed unauthenticated remote code execution on Citrix NetScaler ADC and Gateway devices, leading to widespread exploitation and CISA emergency directives.

Jul 18, 20235 min read
Vulnerability Analysis

Zimbra Collaboration CVE-2023-37580: XSS Zero-Day Exploited by Four Nation-State Groups

A reflected XSS vulnerability in Zimbra Collaboration was exploited by four distinct threat groups targeting government organizations worldwide. The campaign showed how even 'low severity' bugs enable espionage.

Jul 13, 20235 min read
Ransomware

Clop Ransomware and the MOVEit Campaign: Mass Exploitation at Scale

Clop's exploitation of MOVEit Transfer compromised over 2,500 organizations in one campaign, demonstrating a shift from traditional ransomware to mass vulnerability exploitation.

Jul 5, 20237 min read
Incident Analysis

MOVEit Vulnerability Mass Exploitation: A Field Analysis

Inside the Cl0p ransomware gang's zero-day attack on Progress MOVEit Transfer, the CVE-2023-34362 timeline, and the supply chain lessons it exposed.

Jun 25, 20235 min read
Vulnerability Analysis

Barracuda ESG Zero-Day CVE-2023-2868: When Patching Isn't Enough

Barracuda told customers to physically replace compromised Email Security Gateway appliances. The vulnerability had been exploited since October 2022.

Jun 15, 20236 min read
zero-day (Page 6) — Safeguard Blog