Browsing tag
The tech company Intel has confirmed that the problems discovered on their processors chips imply a decrease in the performance of the computers of some users, report experts in information security services. According to the reports, the data centers could be affected to a greater extent by these corrections, although they mention that this impact […]
According to web application penetration testing specialists, Google announced the launch of a Chrome OS update that includes a series of fixes for the MDS vulnerabilities that, if exploited, could allow a malicious hacker access privileged parts of the memory. The bad news for Chrome users is that Hyper-Threading technology will be disabled by default. […]
Microsoft warns users of older versions of Windows of installing Windows Update immediately to protect against potential, widespread attacks. The software giant has fixed vulnerabilities in Remote Desktop Services running on Windows XP, Windows 7, and server versions such as Windows Server 2003, Windows Server 2008 R2, and Windows Server 2008. Microsoft is taking this […]
In early 2018, Intel and AMD processor researchers discovered two important security holes, Spectrum, and Meltdown. Although damage measures have since been released by Intel, AMD, Microsoft, and other major software and software vendors, the method of attack, based on a process called speculative execution, has led researchers to discover a series of four new […]
According to web application security testing specialists, over 25k Linksys Smart WiFi routers are impacted by a vulnerability that, if exploited, would allow hackers remote access without authentication to extensive critical resources on compromised devices. Experts comment that this incident is similar to a security flaw in the firmware of these devices emerged in 2014 […]
Web application security course specialists have reported a critical vulnerability in the Cisco 1001-X series router that, if exploited, would allow threat actors to take control of any compromised device, putting all data that pass through the router at risk. Unlike domestic routers, the Cisco 1001-X is a much larger and expensive device, designed for […]
According to Twitter, a bug that revealed the user’s location information, and shared it with an unnamed Twitter partner has been fixed. “We have discovered that we inadvertently collect and shared iOS location data with one of our trusted partners in certain circumstances,” the company said. According to the blog posts, the bug only affects […]
Linux operating system computers running versions prior to 5.0.8 kernel distributions are impacted by a vulnerability exposing systems committed to a wide variety of remote attacks, as reported by information security services experts. A threat actor could exploit the vulnerability that resides in the rds_tcp_kill_sock kernel’s TCO/IP implementation to generate denial-of-service and remote code execution […]
A web application security testing revealed that threat actors are actively exploiting a remote code execution vulnerability in some versions of SharePoint Server to install the hacking tool known as The China Copper. Although the vulnerability had already been patched, not all SharePoint deployments had been updated. The vulnerability, tracked as CVE-2019-0604, affects all versions […]
Web application security testing experts reported a critical vulnerability in Cisco Elastic Services Controller (ESC), which could allow an unauthenticated remote hacker to take full control of the compromised system using just a specially designed request. ESC is a virtual network function manager employed by hundreds of companies to automate the implementation and monitoring of […]
Sierra has launched a security alert mentioning that its AirLink router model, thought for Internet of Things (IoT) applications, are exposed to the exploitation of some known vulnerabilities, reported cyber forensics course specialists. Vulnerabilities affecting AirLink devices are part of a list of 11 critical security flaws in Sierra Wireless routers, published a few days […]
Three high-severity PrinterLogic flaws that have recently been detected could help hackers launch remote code execution attacks on printers. Threatpost editor Lindsey O’Donnell reports, “A slew of high-severity flaws have been disclosed in the PrinterLogic printer management service, which could enable a remote attacker to execute code on workstations running the PrinterLogic agent.” The PrinterLogic […]
Cloud cameras (AKA IP Cameras) provide convenient and easy to use visual monitoring device for offices, houses, and shops of all sizes. It is slowly but surely replacing the bulky and complicated CCTV (closed-circuit television) systems, and for the right reason, primarily due to its easy expandability. However, since this kind of system is always […]
Cisco has issued 41 security advisories in one day, which is reportedly the highest one-day disclosure in at least 12 months. On Wednesday, May 1, 2019, the San Jose-based company came out with 41 security alerts, which included a highly critical Nexus 9000 data-center flaw. Other than this critical alert, there were 22 advisories considered […]
A WiFi camera (model DCS-2123L) designed by the manufacturer D-Link contains critical vulnerabilities that would allow a hacker to intercept and visualize the recordings stored on the device, in addition to altering the firmware, as mentioned by cyber forensics course specialists. The company has not completely corrected the flaws in this camera, which is one […]
Cybersecurity specialists report that the Cisco Nexus 9000 Series switch presents a critical vulnerability that, if exploited, would allow an attacker to remotely connect to a compromised device using Secure Shell (SSH) and control it with root user privileges. The company revealed the existence of this vulnerability in recent days, giving it a severity score […]
A recent investigation by cyber forensics course specialists has revealed that around 50k companies running SAP company software are more likely to suffer cyberattacks due to the discovery of new methods of exploitation for some old vulnerabilities in these systems that have not been properly corrected. SAP, a leading German software company, mentions that between […]
Cyber forensics course specialists report the presence of a new vulnerability in the SupportAssist tool, of the computer equipment manufacturer Dell; the reported flaw could allow threat actors to execute code with administrator privileges on exposed computers executing non-updated versions of this tool to take control of the victims’ systems. Although the company released a […]
Hackers exploiting the recently disclosed Oracle WebLogic Server remote code execution vulnerability to install a new variant of ransomware called “Sodinokibi.” The vulnerability allows anyone with HTTP access to the server can carry out the attack without authentication. The vulnerability affects Oracle WebLogic Server, versions 10.3.6.0, 12.1.3.0, Oracle fixed the issue on April 26, and […]
Cybersecurity specialists recommend e-commerce WordPress websites using the WooCommerce plugin to remain alert due to the presence of a critical vulnerability that, if exploited, could allow hackers to take control of trade movements on a compromised website. Plugin Vulnerabilities, a company dedicated to the security of sites in WordPress, was in charge of revealing the […]
A new Oracle WebLogic server zero-day vulnerability is being exploited in the wild, reported vulnerability testing specialists. The company has already been notified of the flaw, although the corrections are likely to come a little further, as Oracle had just released its quarterly update package a couple of days before receiving the vulnerability report. Vulnerability […]