A Critical MS Office Zero-day Remote Code Execution Vulnerability discovered in Microsoft Office that could allow attacker to take complete control of...
Microsoft fixed a vulnerability that could allow hackers to steal Windows login credentials without any user interaction. Microsoft fixed a serious vulnerability...
The second season of award-winning TV thriller Mr. Robotpremiered with a scene that sent shivers down the cybersecurity world’s spine. In uncomfortably realistic...
UPDATE Researchers are warning of two critical vulnerabilities in global satellite telecommunications company Inmarsat’s SATCOM systems. The vulnerabilities impact thousands of customers running...
Despite the obligatory logo and clever name, this week’s assault on crypto, the so-called DUHK attack (Don’t Use Hardcoded Keys), isn’t likely to be...
The CSE CybSec Z-Lab Malware Lab spotted a new botnet, dubbed Wonder botnet, while it was investigating malicious code in the dark...
The United States Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a warning that malicious hackers...
Google has announced a bug bounty program called ‘Google Play Security Reward Program’ to detect flaws in Android apps. Security experts have the chance...
I’ve seen Twitter traffic today about malspam from the Necurs Botnet pushing Locky ransomware using Word documents as their attachments. These Word...
Row-hammer is hardware bug that can cause bit-flips in physical RAM. Mark Seaborn and Thomas Dullien were the first to exploit the DRAM row-hammer bug to...
While we are supposedly in the era of the paperless office, intentional leaks via printed documents remain very common and can be...
Database contained details required to carry out highly advanced software attacks. Hackers broke into Microsoft’s secret, internal bug-tracking database and stole information...
Security researchers from Kaspersky Labs spotted the BlackOasis APT group exploiting a new zero-day RCE vulnerability in Adobe Flash. Security researchers from...
Even with the most advanced email protections in place and an entire government organization to support them, the bad actors were able...
A newly discovered vulnerability in generation of RSA keys used by a software library adopted in cryptographic smartcards, security tokens and other...
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim...
Cisco issued a security advisory on a local privilege escalation vulnerability in the Linux Kernel, patch it as soon as possible. On...
Siemens has released a firmware update that addresses two vulnerabilities in its BACnet Field Panel building automation controllers. This week Siemens has...
In our context DDE works by executing an application, that will provide the data (data provider). In a previous post1 We discussed...
The suite of payment infrastructure and management systems SmartVista created by the BPC Group is vulnerable to SQL Injection attacks. Researchers at...
CVE-2017-11779 fixed by Microsoft in October of 2017, covers multiple memory corruption vulnerabilities in the Windows DNS client. The issues affect computers running Windows...