Think, Talk, Hack

Browsing category

Vulnerabilities

Hackers Exploiting More than 9000 Cisco RV320/RV325 Routers After POC published in GitHub

Cybercriminals now actively exploiting 9,852 Cisco RV320/RV325 routers that are vulnerable to critical remote code execution vulnerabilities CVE-2019-1653, CVE-2019-1652. A vulnerability in the Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information from CVE-2019-1653, and a remote attacker with administrative privileges on an affected […]

root

Critical vulnerabilities in Cisco routers affect thousands of companies in the entire world

The firm has already released update patches for several SMEs products The Cisco technology firm recently launched update patches to address two critical vulnerabilities present in RV320 and RV325 routers, products widely used in small businesses. According to network security specialists, the first of these failures (CVE-2019-1653) could be exploited by remote attackers to access […]

root

Vulnerability in Sky Go could leak user’s sensitive information

A malicious user could perform a Man-in-The-Middle attack to extract user’s sensitive information Network security and ethical hacking specialists from the International Institute of Cyber Security report the finding of a new vulnerability in the desktop application for Windows Sky Go; the error in question leaks multiple session data, including victim’s usernames. Sean Wright, specialized […]

root

Critical vulnerability on Linux APT GET in Debian, Ubuntu and Mint distros

APT, one of the major Linux software installation programs, presents a serious security flaw Users willing to install programs in Linux distributions such as Debian, Ubuntu, or Mint, usually resort to using the main software installation program known as the Advance Package Tool (APT). Although functional under appropriate circumstances, network security and ethical hacking experts […]

root

Vulnerabilities allow remote access in Safari for iPhone X

A combination of two exploits allows attackers to install malicious code on IPhone X devices A network security researcher from China has recently revealed technical details about some critical vulnerability in iOS and Safari, the Apple browser, which, if exploited, could allow an attacker to remotely compromise an iPhone X with operating system iOS 12.1.2 […]

root

MySQL vulnerability allows server’s files access

An attacker could run a malicious MySQL server and gain access to the connected data, as reported in a security message MySQL administrators have posted a security alert informing users about a drawback with LOCAL LOAD DATA, noting that “the declaration can load a file located on the server host or, if the local keyword […]

root

Vulnerabilities found in WiFi chips firmware

A specialist recently published the findings of his research According to experts in network security and ethical hacking from the International Institute of Cyber Security, the firmware of the WiFi chips used in various devices presents multiple security drawbacks. According to reports, some of these flaws could be exploited for remote execution of arbitrary code, […]

root

Critical vulnerability in Cisco devices exposes networks of thousands of SMEs

A default configuration grants full admin-level access to unauthenticated remote users A critical uncorrected vulnerability in the Cisco product called Small Business Switch, widely used by SMEs, leaves systems vulnerable to remote attacks by unauthenticated users. According to experts in network security and ethical hacking from the International Institute of Cyber Security, an attacker could […]

root

Over 200 vulnerabilities found in Oracle

The company recommends that system administrators stay on the lookout for the release of update patches During its January update, the Oracle data management system announced that patches will be included to correct 248 new vulnerabilities present in multiple protocols, from the popular Oracle Database System to Solaris, Java and MySQL, as reported by network […]

root

Critical vulnerabilities found in Drupal

Developers recommend users to update their systems as soon as possible The Drupal content management system (CMS) has just launched two security updates to correct critical vulnerabilities, as reported by network security and ethical hacking experts from the International Institute of Cyber Security. According to reports, if vulnerabilities were to be exploited, they would allow […]

root

Vulnerability in Amadeus systems exposes travel records of millions of people

This error could have allowed hackers to modify multiple travel details Ethical hacking and network security specialists from the International Institute of Cyber Security report that due to a recently discovered vulnerability in the Amadeus reservation system, an attacker or attackers were able to access and change the reservations using only a reservation number.   The […]

root

36-year-old vulnerabilities in SCP

These flaws could lead to remote code execution on compromised systems According to experts in network security and ethical hacking from the International Institute of Cyber Security, a set of 36-year-old vulnerabilities in the implementation of the Secure Copy Protocol (SCP) of multiple client applications has been discovered; vulnerabilities could be exploited by malicious users […]

root

Hotel group launches its own vulnerability bounty program

Hyatt Hotels will begin collaboration with external experts to avoid incidents that may affect its customers’ personal data Network security and ethical hacking specialists from the International Institute of Cyber Security reported that Hyatt Hotels has announced the implementation of its own vulnerability bounty program, after suffering a payment card information theft incident. The company […]

root

Vulnerabilities in automobiles affect their resale price

Many owners of software-faulted vehicles claim that these errors represent a decrease in their value According to cybersecurity and ethical hacking specialists from the International Institute of Cyber Security, a collective lawsuit has been filed against Fiat Chrysler Automobiles (FCA). The plaintiffs claim that the company was aware of some cybersecurity gaps present in their […]

root

Recently found critical vulnerabilities in SAP system

The company is preparing 11 patches to correct these flaws Last Tuesday the SAP business provider launched 11 different security alerts for its users. According to cybersecurity and ethical hacking specialists from the International Institute of Cyber Security, the company informed its customers about the launch of a series of security patches to correct vulnerabilities […]

root

Zero-day vulnerability in Windows allows overwriting any file

This is the fourth zero-day vulnerability in Windows revealed in December 2018 A cybersecurity researcher has revealed the code to exploit critical zero-day vulnerability present in the Windows operating system, the fourth security error of this class presented during the last month of 2018. According to specialists from the International Institute of Cyber Security, this […]

root

Zero-day vulnerability in Microsoft Internet Explorer; update your system now

A new remote code execution flaw affects the Microsoft browser Cybersecurity experts from the International Institute of Cyber Security report that Microsoft has just launched an urgent security update to correct critical zero-day vulnerability in the Internet Explorer browser. According to reports, there is evidence that some malicious hackers have been exploiting this vulnerability in the […]

root

Critical vulnerability in SQLite; you should update now

This software is used by thousands of organizations in the world Digital forensics specialists from the International Cyber Security Institute report the discovery of a critical vulnerability in the SQLite software, a widely used database engine; according to reports, the vulnerability could expose millions of implementations to multiple cyberattacks. The SQLite vulnerability, nicknamed “Magellan” by […]

root

Vulnerability in Samsung exposed user accounts

The flaw would have allowed an attacker to generate a new password A Ukrainian digital forensics expert known as Artem Mokowsky reported the finding of three security issues in Samsung account management system, which earned him a reward of about $13k USD. The professional specialized in vulnerability hunting had previously received a reward of $25k […]

root

126 vulnerabilities patched in Microsoft and Adobe this December 2018

Multiple update patches are coming Sysadmins will work overtime over the next holidays. According to digital forensics specialists from the International Institute of Cyber Security, the next update patch set to be launched by Microsoft includes fixes for nine critical vulnerabilities, including the repair of zero-day vulnerability. In addition to the 39 errors reported by […]

root