An exploration of zero-click attack surface for the popular video conferencing solution Zoom has yielded two previously undisclosed security vulnerabilities that could have been exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory. Natalie Silvanovich of Google Project Zero, who discovered and reported the two flaws last year, said … [Read more...] about Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers
clients
Attack on DEX exchange clients in Discord
Following recent scams involving fake cryptocurrency exchanges and fake news sites, we recently uncovered a third campaign, one using fake DEX exchanges and aimed at cryptocurrency enthusiasts on the Discord messaging app. Here’s how the new scheme works. A word about cryptocurrency exchanges First, what’s a DEX? Two types of cryptocurrency exchanges exist: centralized (CEX) … [Read more...] about Attack on DEX exchange clients in Discord