In our context, DDE works by executing an application that will provide the data (data provider). In a previous post we discussed...
The suite of payment infrastructure and management systems SmartVista created by the BPC Group is vulnerable to SQL Injection attacks. Researchers at...
CVE-2017-11779, fixed by Microsoft in October of 2017, covers multiple memory corruption vulnerabilities in the Windows DNS client. The issues affect computers running Windows...
The bug exposed customers’ email addresses, their billing account numbers, and the phone’s IMSI numbers. T-Mobile has patched the bug. Until last...
Microsoft October Patch Tuesday addresses the CVE-2017-11826 Office Zero-Day vulnerability that has been exploited in the wild in targeted attacks. Yesterday we...
Who knew there could be ways to analyze our sleep patterns other than sleep tracking apps and fitness bands? Credits to...
The four exposed servers had no password, but contained the “keys to the kingdom.” Technology and cloud giant Accenture has confirmed it...
Researchers from security firm Positive Technologies warn that 4G/5G wireless networks are as vulnerable as WiFi, putting smart cities at risk. The Internet of...
On September 25, 2017, a man who goes by the nickname ‘LiquidWorm’ released the exploit code for FLIR Thermal Cameras. On...
Websites are hijacking computers to mine digital coins. Cloudflare, an internet security company founded in 2010, has quickly become an integral part...
This attack chain exposed millions of potential victims in the US, Canada, the UK, and Australia, leveraging slight variations on a fake...
Siemens has just released a firmware update for the 7KT PAC1200 Siemens smart meters that addresses a critical vulnerability. Siemens has just...
Apple rushed out an emergency patch Thursday that fixed an incredulous bug in its shiny new High Sierra operating system that revealed APFS volume...
Patch diffing is a common technique of comparing two binary builds of the same code – a known-vulnerable one and one containing...
Several security vulnerabilities have been patched in recent weeks in Apache Tomcat, including the CVE-2017-12617 Code Execution vulnerability. Several security vulnerabilities have...
Electronic messages traveling across the internet are under constant threat from data thieves, but new security standards created with the technical guidance...
Leaked admin accounts and passwords for radio stations allowed anyone to log in and hijack broadcasts. A password leak vulnerability in a popular...
Since the Thunderstrike bootkit attacks targeting Apple firmware were disclosed in 2015, Apple has bundled subsequent EFI updates with its regular macOS security and software updates...
Earlier this year we performed research into Broadcom’s Wi-Fi stack. Due to the ubiquity of Broadcom’s stack, we chose to conduct our...
News of the day is that another big company suffered a security breach; the victim is the Amazon-owned grocery chain Whole Foods...
Throughout this blog post we will be detailing a newly discovered RTF document family that is being leveraged by the FIN7 group...