Browsing category

Vulnerabilities

Microsoft confirms critical Exchange vulnerability

This privilege escalation flaw would allow a remote attacker to impersonate an administrator Microsoft has confirmed the existence of privilege escalation vulnerability on the Exchange server that is considered critical. According to network security and ethical hacking specialists from the International Institute of Cyber Security, this flaw could allow a hacker with a simple mailbox […]

Vulnerability allows hacking an Android smartphone using only a PNG image

Google claims that this vulnerability has not yet been exploited in the wild Ethical hacking and network security specialists from the International Institute of Cyber Security recommend smartphone with Android operating system users to be cautious when opening or downloading images on their devices because, oddly enough, this could compromise users’ security. According to recent […]

A New Critical RCE Vulnerability in LibreOffice that Exploit Windows & Linux Systems

The researcher found new Remote code execution vulnerability in widely used LibreOffice that allows attackers to exploit the arbitrary code in Windows and Linux Platform. LibreOffice is a free and open-source office suite which is developed by The Document Foundation and it is a widely used office suite for both individuals and the corporate environment. LibreOffice can […]

Critical vulnerabilities affect 3G, 4G and upcoming 5G protocol

An attacker could intercept communication metadata to locate of a mobile phone Network security and ethical hacking specialists reported the discovery of vulnerability in the 5G communication protocol, which will be implemented soon. Apparently this vulnerability is more severe than the previously ones discovered, as it affects the 3G and 4G protocols in addition to […]

Skyscanner launches its own vulnerability bounty program

The travelers’ website will launch a vulnerability bounty program; ethical hackers may receive up to $2k USD per report Skyscanner, a popular travel search website, has announced the creation of its own public vulnerability bounty program. According to network security and ethical hacking experts from the International Institute of Cyber Security, the company offers rewards […]

Microsoft Exchange Vulnerability Alert

The international coordination center for vulnerability disclosures has alerted about this critical error The CERT Coordination Center (CERT/CC) has launched a vulnerability warning for Microsoft Exchange 2013 and later versions. According to network security and ethical hacking specialists from the International Institute of Cyber Security, the problem with Microsoft’s online service is a vulnerability to […]

FaceTime vulnerability allows spying on Apple users

It is recommended that Apple users disable this app, at least until it is updated Network security and ethical hacking specialists from the International Institute of Cyber Security reported the discovery of an unpatched vulnerability in FaceTime, the Apple application for making audio and video calls. According to reports, this bug would allow the receiver […]

Hackers Exploiting More than 9000 Cisco RV320/RV325 Routers After POC published in GitHub

Cybercriminals now actively exploiting 9,852 Cisco RV320/RV325 routers that are vulnerable to critical remote code execution vulnerabilities CVE-2019-1653, CVE-2019-1652. A vulnerability in the Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information from CVE-2019-1653, and a remote attacker with administrative privileges on an affected […]

Critical vulnerabilities in Cisco routers affect thousands of companies in the entire world

The firm has already released update patches for several SMEs products The Cisco technology firm recently launched update patches to address two critical vulnerabilities present in RV320 and RV325 routers, products widely used in small businesses. According to network security specialists, the first of these failures (CVE-2019-1653) could be exploited by remote attackers to access […]

Vulnerability in Sky Go could leak user’s sensitive information

A malicious user could perform a Man-in-The-Middle attack to extract user’s sensitive information Network security and ethical hacking specialists from the International Institute of Cyber Security report the finding of a new vulnerability in the desktop application for Windows Sky Go; the error in question leaks multiple session data, including victim’s usernames. Sean Wright, specialized […]

Critical vulnerability on Linux APT GET in Debian, Ubuntu and Mint distros

APT, one of the major Linux software installation programs, presents a serious security flaw Users willing to install programs in Linux distributions such as Debian, Ubuntu, or Mint, usually resort to using the main software installation program known as the Advance Package Tool (APT). Although functional under appropriate circumstances, network security and ethical hacking experts […]

Vulnerabilities allow remote access in Safari for iPhone X

A combination of two exploits allows attackers to install malicious code on IPhone X devices A network security researcher from China has recently revealed technical details about some critical vulnerability in iOS and Safari, the Apple browser, which, if exploited, could allow an attacker to remotely compromise an iPhone X with operating system iOS 12.1.2 […]

MySQL vulnerability allows server’s files access

An attacker could run a malicious MySQL server and gain access to the connected data, as reported in a security message MySQL administrators have posted a security alert informing users about a drawback with LOCAL LOAD DATA, noting that “the declaration can load a file located on the server host or, if the local keyword […]

Vulnerabilities found in WiFi chips firmware

A specialist recently published the findings of his research According to experts in network security and ethical hacking from the International Institute of Cyber Security, the firmware of the WiFi chips used in various devices presents multiple security drawbacks. According to reports, some of these flaws could be exploited for remote execution of arbitrary code, […]

Critical vulnerability in Cisco devices exposes networks of thousands of SMEs

A default configuration grants full admin-level access to unauthenticated remote users A critical uncorrected vulnerability in the Cisco product called Small Business Switch, widely used by SMEs, leaves systems vulnerable to remote attacks by unauthenticated users. According to experts in network security and ethical hacking from the International Institute of Cyber Security, an attacker could […]

Over 200 vulnerabilities found in Oracle

The company recommends that system administrators stay on the lookout for the release of update patches During its January update, the Oracle data management system announced that patches will be included to correct 248 new vulnerabilities present in multiple protocols, from the popular Oracle Database System to Solaris, Java and MySQL, as reported by network […]

Critical vulnerabilities found in Drupal

Developers recommend users to update their systems as soon as possible The Drupal content management system (CMS) has just launched two security updates to correct critical vulnerabilities, as reported by network security and ethical hacking experts from the International Institute of Cyber Security. According to reports, if vulnerabilities were to be exploited, they would allow […]

Vulnerability in Amadeus systems exposes travel records of millions of people

This error could have allowed hackers to modify multiple travel details Ethical hacking and network security specialists from the International Institute of Cyber Security report that due to a recently discovered vulnerability in the Amadeus reservation system, an attacker or attackers were able to access and change the reservations using only a reservation number.   The […]

36-year-old vulnerabilities in SCP

These flaws could lead to remote code execution on compromised systems According to experts in network security and ethical hacking from the International Institute of Cyber Security, a set of 36-year-old vulnerabilities in the implementation of the Secure Copy Protocol (SCP) of multiple client applications has been discovered; vulnerabilities could be exploited by malicious users […]

Hotel group launches its own vulnerability bounty program

Hyatt Hotels will begin collaboration with external experts to avoid incidents that may affect its customers’ personal data Network security and ethical hacking specialists from the International Institute of Cyber Security reported that Hyatt Hotels has announced the implementation of its own vulnerability bounty program, after suffering a payment card information theft incident. The company […]

Vulnerabilities in automobiles affect their resale price

Many owners of software-faulted vehicles claim that these errors represent a decrease in their value According to cybersecurity and ethical hacking specialists from the International Institute of Cyber Security, a collective lawsuit has been filed against Fiat Chrysler Automobiles (FCA). The plaintiffs claim that the company was aware of some cybersecurity gaps present in their […]