Today we had a chance to write an exploit (remote) for the IIS v7.

IIS v7 = 800K USD

MemGC is a feature amongst others that gon' be bypassed soon.

Have you ever thought of implementation of a source level instrumentation by the Hot Patch feature?

/INTEGRITYCHECK is a neat flavor.

The new Microsoft Visual Studio optimizer seems provisioned.

Automated Exploit Detection in Binaries by Luis Miras still works in 2016.

There are targets inside Iran being the sole victim of the Vijeo Citect HMI from the Schneider Electrics.

A Cyber-Espionage malware has been spotted in GeoIP of Pakistan. It's a very complex threat, leading to Cisco IOS remote pwnage.

An iOS application named i-FunBox found to be exploitable.

VTGuard on Internet Explorer itself is based on VPTRs and VTs, funny cap with _funcap.

Working with the Samsung Smart View reveals funny stuff.

An old school stack-based overflow has been found on Proxifier software.

DLL Hijacking 0day on MS Office Word has been spotted in the wild.

Exploitation of WhatsApp messenger has been spotted in the wild.

A new technique (of address access probing) in Egg-Hunting has been found in a Chinese exploit kit.

Have you ever disassembled NtQueryIntervalProfile routine?

It has been proved in the public incident of NSO Group.

A new exploit on Cisco IOS has been spotted in the wild, with the price of $3M.

A new 0day in QNAP devices (all-models, all-types) is being largely used by Russian threat actors.

A new 0day in Microsoft Windows Active Directory has been spotted in the wild. An underground community is selling it for $3M.