All posts tagged "vulnerability"
-
3.0KCyber AttackExclusive: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product
SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated...
-
1.8KData SecurityGoogle reveals high-profile attack targeting Android, Windows users
According to Google’s Project Zero team, threat actors exploited 0-day vulnerabilities to successfully carry out their attack. The IT security researchers at...
-
1.7KData SecurityCloning Google’s Titan Key to bypass 2FA – Research
The attack requires the attacker to have physical access to the victim’s Titan Key, hours of time, and side-channel setup equipment worth...
-
1.8KVulnerabilitiesSecret Backdoor found Installed in Zyxel Firewall and VPN
Zyxel Communications Corp. is a manufacturer of networking devices. It is popular for firewalls that are marketed towards small and medium businesses. Their...
-
3.1KData SecurityGoogle reveals unpatched 0day vulnerability in Microsoft’s API
Apparently, Microsoft released a patch to fix the vulnerability in June but it did not work the way it was supposed to...
-
4.0KVulnerabilitiesA Google Docs Bug Could Have Allowed Hackers See Your Private Documents
Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially...
-
2.5KVulnerabilitiesGoogle Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug
Google’s Project Zero team has made public details of an improperly patched zero-day security vulnerability in Windows print spooler API that could...
-
3.2KVulnerabilitiesNew Critical Flaws in Treck TCP/IP Stack Affect Millions of IoT Devices
The US Cybersecurity Infrastructure and Security Agency (CISA) has warned of critical vulnerabilities in a low-level TCP/IP software library developed by Treck...
-
2.5KVulnerabilitiesCritical Dell Wyse Bugs Let Attackers to Execute Code and Access Files and Credentials
The giant Dell Wyse is affected by two Critical Vulnerabilities CVE-2020-29491 and CVE-2020-29492 which targets thin client devices. The CyberMDX Research team has...
-
2.5KData SecurityFree WinZip trial popup vulnerability lets hackers drop malware
Other than malware delivery; WinZip vulnerability also lets hackers carry out DNS poisoning and arbitrary code execution. Most of us are pretty...
-
3.7KVulnerabilitiesSolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack
Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited...
-
1.6KVulnerabilitiesWordPress Easy WP SMTP zero-day Vulnerability Exposes Hundreds of Thousands of Sites to Hack
Easy WP SMTP, a WordPress plugin, with more than 500,000 installations, allows one to configure and send all outgoing mails via a...
-
1.4KVulnerabilitiesCisco Reissues Patches for Critical Bugs in Jabber Video Conferencing Software
Cisco has once again fixed four previously disclosed critical bugs in its Jabber video conferencing and messaging app that were inadequately addressed,...
-
1.5KVulnerabilitiesValve’s Steam Server Bugs Could’ve Let Hackers Hijack Online Games
Critical flaws in a core networking library powering Valve’s online gaming functionality could have allowed malicious actors to remotely crash games and...
-
4.9KVulnerabilitiesZero-Click Wormable RCE Vulnerability Reported in Microsoft Teams
A zero-click remote code execution (RCE) bug in Microsoft Teams desktop apps could have allowed an adversary to execute arbitrary code by...
-
2.1KVulnerabilitiesNSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks
The US National Security Agency (NSA) on Monday issued an advisory warning that Russian threat actors are leveraging recently disclosed VMware vulnerability...
-
2.7KData SecuritySophos breach: Customer data exposed due to permission access flaw
Sophos has acknowledged the breach by sending email notifications to targeted customers. With data breaches happening every day, in the latest, we...
-
2.4KData SecurityResearchers found another way to hack Tesla Model X Key Fob
The hack occurred when researchers identified significant security flaws in the key fob of Tesla’s top-of-the-line SUV, Tesla Model X, the luxury...
-
2.7KData SecurityVulnerability allowed bypassing 2FA in WHM & cPanel by bruteforcing
The vulnerability (CVE-2020-27641) allowed malicious actors to bypass two-factor authentication (2FA) on the software using brute-force attacks. In the web hosting world,...
-
921Data SecuritySecurity of Millions At Risk Due to Unpatched Android Apps
Several high-profile third-party Android apps still aren’t using the latest version of Google’s app update library, jeopardizing hundreds of millions of smartphone...
-
4.7KVulnerabilitiesCritical Oracle WebLogic Vulnerability Flaw Actively Exploited by DarkIRC Malware
Juniper Threat Labs researchers observed active attacks on Oracle WebLogic software using CVE-2020-14882. This vulnerability, if successfully exploited, allows unauthenticated remote code...
