Browsing category
Although 5G is faster and more secure than 4G, new research indicates that it still has some vulnerabilities, which poses a certain risk to mobile phone users. Security researchers at Purdue University and the University of Iowa have discovered nearly 12 vulnerabilities, saying they can be used to track victims in real-time, to deceive emergency […]
On November 12, 2019, Microsoft routinely released a security update for November. The security update covers the Windows operating system, IE/Edge browser, scripting engine/ChakraCore, Office suite, Exchange services, and Visual Studio. A total of 74 CVEs, 13 high-risk vulnerabilities, and 61 intermediate-risk vulnerabilities. Vulnerability Details Scripting Engine Remote Code Execution Vulnerability CVE-2019-1429 According to the […]
In the recent GeForce 441.12 release, NVIDIA fixed several undisclosed high-risk vulnerabilities, and these vulnerabilities also existed in Quadro, NVS, and Tesla’s Windows drivers. Nowadays, the graphics card driver on Windows has more and more components, and there are many compatible games. There are many functions to be provided, so the code is more and […]
Although the JavaScript library jQuery is still being used, it is no longer as popular as it used to be. According to the open-source security platform Snyk, at least six out of ten websites are currently affected by jQuery XSS vulnerabilities, and even jQuery libraries for extending jQuery functionality introduce more security issues. Snyk released […]
Microsoft’s security team believes that a more destructive BlueKeep attack is coming, and urges users and companies to install application patches in a timely manner. Before Microsoft issued a warning, security researchers detected malware activity and weaponized the BlueKeep vulnerability. The attacker used BlueKeep’s unpatched Windows system and secretly installed a cryptocurrency mining tool. Many […]
Squid is a caching and forwarding HTTP web proxy. It has a wide variety of uses, including speeding up a web server by caching repeated requests, caching web, DNS and other computer network lookups for a group of people sharing network resources, and aiding security by filtering traffic. Although primarily used for HTTP and FTP, […]
Firefox browsers for Mac and Windows have recently become targets of some malicious website attacks, which display false warning notifications and completely lock up the browser. Hackers use a bug in Firefox to tamper with the browser to achieve their goals without user interaction. Mozilla has not announced a solution, but the problem has caused […]
Vulnerability defined as the weakness that allows the attacker to enter in and harm, it may be a flaw in design or misconfiguration. In order to exploit the vulnerability attacker should have applicable tool or technique that connect to the system weakness. Following are the top sources to trace new vulnerabilities. National Vulnerability Database Common […]
The united states department of justice filed a LawSuit against Edward Snowden for publishing a book violating the non-disclosure agreements that he was signed with NSA and CIA. Edward Snowden is a former Central Intelligence Agency (CIA) employee and National Security Agency (NSA) in 2013. The lawsuit does not stop him in the publication of […]
MITRE has released a list of Top 25 Most Dangerous Software Errors (CWE Top 25) that are widely spread and leads to serious vulnerabilities. The list was generated based on the vulnerabilities published within the National Vulnerability Database. These vulnerabilities are easily exploitable and allow an attacker to get complete control over the system. Attackers […]
Cybersecurity is an evolving market, and organizations are always advised to keep their network armed and secured against cybercriminals. Considering the recent sophisticated cyberattacks, Airforce is one key area to explore. US Cyber Command along with NSA does have a competitive cybersecurity advantage in the global market of cybersecurity. The United States is additionally one […]
Security researchers disclosed a new attack dubbed Simjacker, that can be exploited by sending an SMS containing a specific type of spyware codes. The vulnerability found to be actively exploited for more than 2 years by a private company that works for the government to monitor the individuals. How the Simjacker Attack Works The Simjacker […]
According to the indictment, the defendants allegedly ran an entity called Jetflicks, an online, subscription-based service headquartered in Las Vegas that permitted users to stream and, at times, download copyrighted TV programs without the permission of the relevant copyright owners. The defendants reproduced tens of thousands of copyrighted TV episodes without authorization, and distributed the […]
Today, Facebook has documented a complaint against two developers to click injection fraud. The developers have created apps available in the Google Play store to dump malware on their customer phones. The malware clicks fake customers on Facebook advertisements that were shown on the customer’s phones, leaving the impression that the customers have clicked on […]
Microsoft launched Azure Security Lab, a set of dedicated cloud hosts for researchers to confidently and aggressively test Azure vulnerabilities. Azure is a cloud computing service used by several organizations for building, testing, deploying, and managing applications and services. The Microsoft Azure is previously known as Windows Azure. To make Azure exceptionally secure, Microsoft enhanced […]
A misconfiguration vulnerability with JIRA servers leaks internal user and project data of hundreds and thousands of companies which were using JIRA. The JIRA is an Atlassian task tracking systems used by lots of companies for bug tracking and project management. It is used in over 135,000 companies in 122 countries. It is an intended […]
Black Hat, the world’s leading producer of information security events, kicks off in USA on August 3-8, 2019 at the Mandalay Bay Convention Center. Black Hat USA will span the very latest information security research, development, and trends. The event will cover everything from critical vulnerabilities found in voting machines, aircrafts, cars, mobile devices, social […]
Researchers at AV-TEST have concluded that Windows Defender is the top antivirus product on the market. Tests showed that Windows Defender is performing at the same level as popular services such as Kaspersky and Symantec. Windows Defender scored 18 points in these tests, positioning it in a tie for the top spot alongside Kaspersky and […]
Capital One, the fifth-largest U.S. credit-card issuer and banking institution, has recently suffered a data breach exposing the personal information of more than 100 million credit card applicants in the United States and 6 million in Canada. The data breach that occurred on March 22nd and 23rd this year allowed attackers to steal information of […]
A US network security company called Immunity Inc. announced on July 23 that it will launch the BlueKeep exploit module, which will be included in a pen-testing tool called CANVASv7.23, the company’s pen-testing toolkit. BlueKeep, also known as CVE-2019-0708, is a vulnerability in the Remote Desktop Protocol (RemoteDesktop Protocol) service included with older Windows operating […]
Your company faces an array of cyber threats, which are both internal and external. Cybersecurity risk assessment is meant to identify, assess, and implement security controls to pinpoint security vulnerabilities and defects. To safeguard your computer systems from threats, you must apply practices that build an impermeable cyber defense. The process of fortifying your cyber […]