The Microsoft Security Response Center yesterday released several security updates for Microsoft Exchange Server. These updates were targeted at addressing vulnerabilities that have been used in a few focused and targeted attacks. Nature of vulnerabilities The vulnerabilities have been deemed to be very critical in nature and Microsoft urges and advises its customers to update […]
Microsoft has released emergency patches to address four previously undisclosed security flaws in Exchange Server that it says are being actively exploited by a new Chinese state-sponsored threat actor with the goal of perpetrating data theft. Describing the attacks as “limited and targeted,” Microsoft Threat Intelligence Center (MSTIC) said the adversary used these vulnerabilities to […]
Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices. “An attacker could exploit this vulnerability by sending a crafted request to the affected API,” the company said in an advisory published yesterday. “A successful exploit […]
Cybersecurity researchers today disclosed several security issues in popular online dating platform OkCupid that could potentially let attackers remotely spy on users’ private information or perform malicious actions on behalf of the targeted accounts. According to a report shared with The Hacker News, researchers from Check Point found that the flaws in OkCupid’s Android and […]
Not all they’re cracked up to be? Several password vaults contain vulnerabilities, both new and previously disclosed but never patched, a study says
The browser’s anti-tracking feature could apparently give access to users’ browsing habits
Four popular open-source VNC remote desktop applications have been found vulnerable to a total of 37 security vulnerabilities, many of which went unnoticed for the last 20 years and most severe could allow remote attackers to compromise a targeted system. VNC (virtual network computing) is an open source graphical desktop sharing protocol based on RFB […]
Being able to hide or continually rotate the source IP address when making web calls can be difficult or expensive. A number of tools have existed for some time but they were either limited with the number of IP addresses, were expensive, or required deployment of lots of VPS’s. FireProx leverages the AWS API Gateway […]
Hundreds of millions of devices, especially Android smartphones and tablets, using Qualcomm chipsets, are vulnerable to a new set of potentially serious vulnerabilities. According to a report cybersecurity firm CheckPoint shared with The Hacker News, the flaws could allow attackers to steal sensitive data stored in a secure area that is otherwise supposed to be […]
While 5G hasn’t fully arrived everywhere, we believe it will be better, faster, and more secure than its previous generation. However, new research suggests that the next-gen network is susceptible to various security issues and this could be slightly worrisome. 5G Has Security Flaws! According to a paper by researchers at the University of Iowa […]
Under “usual circumstances,” AWS makes headlines for exposing databases of companies using its services. A few days ago (Oct 22, 2019), the world’s large cloud services provider – Amazon Web Services (AWS) – was hit by a series of DDoS attacks (Distributed Denial of Service) resulting in portions of it going offline for several hours. […]
No, it’s not a patch Tuesday. It’s the third Tuesday of the month, and as The Hacker News shared an early heads-up late last week on Twitter, Adobe today finally released pre-announced out-of-band security updates to patch a total of 82 security vulnerabilities across its various products. The affected products that received security patches today […]
Another lawsuit filed against Apple suggests that it has copied the new Shortcuts app, which has made its entry into iPhones with the recent iOS 13 and iPadOS 13 update. New Day, New Lawsuit Virginia-based company Aftechmobile has taken Apple to court alleging that Apple infringed one of the 28 claims mentioned in Aftechmobile’s “558 […]
Network security specialists report that Malindo Air, a subsidiary of Lion Air Group, a low-cost Indonesian airline, suffered a data breach that has compromised the information of thousands of passengers. The compromised information was even detected in multiple information-sharing forums for more than a month. Compromised records include phone numbers, passport details, and information about […]
Google has released an urgent software update for its Chrome web browser and is urging Windows, Mac, and Linux users to upgrade the application to the latest available version immediately. Started rolling out to users worldwide this Wednesday, the Chrome 77.0.3865.90 version contains security patches for 1 critical and 3 high-risk security vulnerabilities, the most […]
The united states department of justice filed a LawSuit against Edward Snowden for publishing a book violating the non-disclosure agreements that he was signed with NSA and CIA. Edward Snowden is a former Central Intelligence Agency (CIA) employee and National Security Agency (NSA) in 2013. The lawsuit does not stop him in the publication of […]
The world of connected consumer electronics, IoT, and smart devices is growing faster than ever with tens of billions of connected devices streaming and sharing data wirelessly over the Internet, but how secure is it? As we connect everything from coffee maker to front-door locks and cars to the Internet, we’re creating more potential—and possibly […]
Get your update caps on. Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity. Two of the security vulnerabilities patched by the tech giant this month are listed as […]
Facebook has patched two high-severity vulnerabilities in its server application that could have allowed remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file. The vulnerabilities reside in HHVM (HipHop Virtual Machine)—a high-performance, open source virtual machine developed by Facebook for executing programs […]
What if the tech intended to ensure that your kids, senior citizens, and pets are safe even when they’re out of sight inadvertently expose them to stalkers? An estimated 600,000 GPS tracking devices for sale on Amazon and other large online merchants for $25–$50 have been found vulnerable to a handful of dangerous vulnerabilities that […]
If you are using LibreOffice, you need to update it once again. LibreOffice has released the latest version 6.2.6/6.3.0 of its open-source office software to address three new vulnerabilities that could allow attackers to bypass patches for two previously addressed vulnerabilities. LibreOffice is one of the most popular and open source alternatives to Microsoft Office […]