Browsing category
Drupal beside some things is also an open-source content management system (CMS) just like WordPress and is used by over a million websites across the globe. Drupal seems to be a top pick for governments and financial sector. However, information security experts report suggest that Drupal contained a highly critical vulnerability that allowed remote hackers full control […]
This injection technique allows the injected code to run before the entry point of the main thread of the process, thereby allowing avoiding detection by anti-malware products’ hooks. Code injection is commonly used by malware to evade detection by injecting a malicious code into a legitimate process, information security experts said. This way the legitimate process serves […]
Intel has addressed vulnerability in the configuration of several CPU series that allow an attacker to alter the behavior of the chip’s SPI Flash memory, a mandatory component used during the boot-up process, information security researchers said. According to Lenovo analysts, who recently deployed the Intel fixes, “the configuration of the system firmware device (SPI flash) could […]
Just because Android tells you it’s patched and everything is safe doesn’t mean it is. But there’s an app to help you determine if you’re being told the truth. It seems that some Android smartphone makers are lying to users about the patch status of their devices, telling them that they’re up-to-date when they aren’t. Here’s […]
JSHielder is an Open Source tool developed to help SysAdmin and developers secure their Linux Servers in which they will be deploying any web application or services. According to information security experts this tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server with little interaction from […]
Most people rely on Outlook email address for work-related as well as personal tasks. Unfortunately, Outlook may not be as secure as we users would like to think. According to a report published by information security training experts at the Carnegie Mellon Software Engineering Institute, Outlook comes with a security bug that could trigger password hash leaks […]
A 17 Years old Hacker who inspired by Edward Snowden discovered a critical vulnerability in Signal app that allows anyone to Bypass Authentication of Lock Screen in iOS. Signal is an encrypted communications app for Android and iOS. A desktop version is also available for Linux, Windows, and macOS. It allows users to send one-to-one and group […]
Let’s say that your internet connection suddenly went down or, perhaps, you cannot reach your favorite website. There’s a reason for that; according to our sources, there’s a massive attack against Cisco switches going on right now – these switches are used in data-centers all across the globe. A bot that hunts for Ciscos The […]
Biggest Hackers Group Performing Massive Cyber attack against internet service providers, data centers around the world by compromising Cisco switches. Hackers compromising more than 200,000 Cisco devices across the world in this widespread attack, including 3,500 switches in Iran country. A recently discovered Remote Code Execution flaw that affected the Cisco switches Smart Install Client allows an attacker to […]
Intel won’t fix Meltdown nor Spectre for 10 product families covering 230-plus CPUs. Intel has issued new “microcode revision guidance” that reveals it won’t address the Meltdown and Spectre design vulnerabilities in all of its vulnerable processors, in some cases because it’s too tricky to remove the Spectre v2 class of vulnerabilities, the information security training researchers […]
Intel asks the user’s to uninstall the Intel Remote Keyboard for Android and iOS mobile device after researchers disclosed a critical security bug that allows attackers to inject keystrokes and to escalate privileges. The Intel Remote Keyboard enables you to easily integrate your smartphone or tablet with a keyboard and mouse, improving your entertainment experience. […]
WhatsApp cofounder Brian Acton expressed outrage at Facebook’s privacy policies last month by tweeting “It is time. #deletefacebook.” But WhatsApp’s Facebook-like group chat features also have design flaws that jeopardize user privacy. Maybe it’s also time to #DeleteWhatsApp. WhatsApp differentiates itself from parent company Facebook by touting its end-to-end encryption. “Some of your most personal moments are shared with […]
Hackers could be exploited a vulnerability in the iOS Camera App to redirect users to a malicious website, the issue affects the built-in QR code reader. According to information security training researchers, the iOS Camera App is affected by a bug that could be exploited by hackers to redirect users to a malicious website; the issue resides […]
A dangerous Drupal flaw could leave your site completely compromised if you don’t patch the flaw immediately. Developers of popular open-source CMS Drupal are warning admins to immediately patch a flaw that an attacker can exploit just by visiting a vulnerable site.The bug affects all sites running on Drupal 8, Drupal 7, and Drupal 6. […]
Microsoft’s Meltdown fix opened a gaping hole in Windows 7 security, warn researchers. Meltdown and Specter are probably the worst vulnerabilities discovered in the history of computing. These two security flaws were made public earlier this year and affect virtually all modern processors to be related to the way in which the Kernel and the […]
The first round of security updates released in 2018 for OpenSSL patch a total of three vulnerabilities, but none of them appears to be serious, information security training professionals said. OpenSSL versions 1.1.0h and 1.0.2o patch CVE-2018-0739, a denial-of-service (DoS) vulnerability discovered using Google’s OSS-Fuzz service, which has helped find several flaws in OpenSSL in the past […]
Maybe check your data archive to see if Facebook’s algorithms know who you called. [Update, March 25, 2018, 20:24 Eastern Time]: Facebook has responded to this and other reports regarding the collection of call and SMS data with a blog post that denies Facebook collected call data surreptitiously. The company also writes that it never sells the […]
The hackers who installed and ran a cryptocurrency mining operation on hacked Tesla ASW servers and Jenkins servers is now targeting servers running Linux and has so far generated more than $74,000 in Monero. The new campaign uses the legitimate, open-source XMRig cryptominer in conjunction with exploiting the old vulnerability CVE-2013-2618, which is found in […]
The streaming company Netflix launches its Bug Bounty program in which it offers rewards ranging from US $ 100 to US $ 15000 per bug detected. Information security training analysts of the company said that in order to keep its community more secure, including users, partners and employees, Netflix has publicly launched its Bug Bounty program […]
Legitimate and large-scale cryptocurrency mining operations often invest in dedicated hardware and electric consumption to make a profit. This doesn’t escape the attention of cybercriminals: Malicious cryptocurrency mining was so pervasive last year that it was the most detected network event in devices connected to home routers. Through our incident response-related monitoring, we observed intrusion attempts whose indicators we’ve been able […]
AMD finalized its investigation on the vulnerabilities recently discovered by CTS Labs and announced that security patches will be released soon. AMD acknowledged 13 critical vulnerabilities and exploitable backdoors in its Ryzen and EPYC processors that were first disclosed earlier March by the information security training researchers at the firm CTS Labs. The CTS Labs researchers did […]