Browsing tag

vulnerability

Cyberattack campaign against various Cisco router models

The attacks began two days after the company corrected a critical vulnerability. A critical vulnerability in various router models was recently fixed by Cisco. However, according to network security and ethical hacking specialists from the International Institute of Cyber Security, only two days after the corrections were implemented, hacker groups began conducting scans and launching […]

Implementing Operational Security, The Process and Best Practices

Procedural security is what we call operational security (OPSEC). It is a kind of risk management process that encourages admins to monitor operations from the perspective of an adversary and draw conclusions to protect sensitive information from falling into the wrong hands. OPSEC is becoming popular in the private sector though it was used by the […]

Ubuntu launches an unexpected security update for v.16.04

The launch has been designed to correct a critical vulnerability. Ubuntu has just announced an unscheduled launch: updating its version 16.04 LTS, for its server and desktop products. According to network security specialists from the International Institute of Cyber Security, the Ubuntu 16.04.6 version has been developed as an update patch to correct a critical […]

Nvidia fixes eight critical vulnerabilities

Graphics processor developers offer protection against vulnerabilities found on Windows and Linux systems. Nvidia, a company specializing in the development of graphic processing units, has included an unusual feature in its new releases: protection against eight vulnerabilities that could be used to deploy some cyberattack variants, as mentioned by network security and ethical hacking experts […]

Vulnerability Helps Researchers Expose Malware C&C Servers

We usually get to hear of vulnerabilities that cybercriminals exploit to expose or steal data. This time it’s the other way around; the criminals are at the receiving end. A vulnerability has helped researchers expose malware C&C servers. A vulnerability in a penetration testing tool that was being used by hackers is now helping researchers […]

Hackers steal users’ information by exploiting a Chrome zero-day vulnerability

These malicious files allow the collection of victims’ data. Network security and ethical hacking specialists from the International Institute of Cyber Security report the discovery of a malicious campaign that uses PDF documents to exploit a zero-day vulnerability in the built-in tool to view these files in Google Chrome to extract information from users. A cybersecurity firm […]

A new Cisco Webex privilege escalation vulnerability

This vulnerability can be exploited only by local attackers. Malicious hackers could exploit a privilege escalation vulnerability in Cisco Webex Meetings for Windows operating systems to execute arbitrary commands using administrator privileges, report network security specialists from the International Institute of Cyber Security. This vulnerability affects all versions of the Cisco Webex Meetings desktop application […]

Spectre and Meltdown vulnerabilities can’t be corrected with software implementations

Google experts consider these vulnerabilities to be inherent in modern processor design. According to network security and ethical hacking specialists from the International Institute of Cyber Security, the vulnerabilities Spectre and Meltdown were reported for the first time about a year ago; since then, countless teams of independent specialists and researchers have tried multiple methods […]

Hackers attack websites exploiting new vulnerability in Drupal

Some versions of the content management system present a critical vulnerability that leaves them exposed to remote code execution attacks. Network security and ethical hacking specialists from the International Institute of Cyber Security report the presence of a critical vulnerability in Drupal, the popular content management system. The vulnerability (CVE-2019-6340) exists because “some types of fields […]

Vulnerability in IIS generates DoS condition

System administrators are recommended to update as soon as possible. According to network security and ethical hacking specialists from the International Institute of Cyber Security, the Microsoft Security Incident Response Center issued a security alert for a denial-of-service (DoS) condition in Internet Information Services (IIS), the suite of services for the Windows […]

Adobe must launch a new patch to correct a critical vulnerability

After discovering that the first correction could be bypassed, the company should launch a second Adobe Reader update patch. According to network security and ethical hacking experts from the International Institute of Cyber Security, Adobe has just released a second update patch to fix an Adobe Reader zero-day vulnerability, this because the first patch did […]

Vulnerability exposes the information of Stanford University students

About 100 students were affected by the incident. Network security and ethical hacking specialists from the International Institute of Cyber Security report that a vulnerability in one of Stanford University’s online systems, which allows students to view their records, gave one of the students the ability to see the grades of other students’ high school education. […]

University of Washington Medicine Mistakenly Exposes Data

Medical files, containing personal data of patients of University of Washington Medicine, were mistakenly exposed following a data error. UW Medicine, in a press release dated February 20, 2019, has revealed the detection of “…an error in a database configuration that made certain protected internal files temporarily available on the internet and visible by search.” […]

Microsoft offers up to $30k USD on GitHub vulnerability bounty program

GitHub renews its vulnerability report rewards program. Network security and ethical hacking specialists from the International Institute of Cyber Security report that GitHub, the code hosting platform owned by Microsoft, has made some changes to its vulnerability bounty program. The program, which has been running for five years now, will offer higher rewards and broad […]

Critical vulnerabilities have been impacting WinRAR for almost 20 years

Over 500 million WinRAR users could have been exposed; update your software as soon as possible. A critical vulnerability in WinRAR, the most popular Windows file compression tool, was recently corrected. According to specialists in network security and ethical hacking from the International Institute of Cyber Security, the flaw would have allowed malicious users to […]

Facebook’s CSRF Vulnerability Allows Attackers To Hijack Accounts

A fatal cross-site request forgery (CSRF) vulnerability on Facebook was discovered by a security researcher, and interestingly it allowed hackers to take over Facebook accounts with a simple one-click on a link. The cybersecurity expert “Samm0uda” discovered a vulnerability after noticing an exposed endpoint (facebook.com/comet/dialog_DONOTUSE/), which could be exploited to bypass the CSRF protections and […]

Facebook grants $25k USD bounty for critical vulnerability report

Vulnerability would have allowed an attacker to take control of an account by simply clicking a link. Facebook has just granted a $25k USD reward for the report of a critical cross-site request forgery vulnerability. According to network security specialists from the International Institute of Cyber Security, the vulnerability could have been exploited to hijack social […]

Snapd vulnerability allows privileges escalation on Linux systems

Various Linux distributions might be affected by this security issue. A critical privilege-escalation vulnerability could grant attackers total control of the compromised system. According to network security and ethical hacking specialists from the International Institute of Cyber Security, users of Ubuntu and some other Linux distributions could be impacted. The vulnerability has been tracked as CVE-2019-7304 […]

Safari vulnerability allows stealing your browsing history

To exploit the vulnerability, attackers need physical access to the computer, as well as installing a malicious application. Network security and ethical hacking specialists from the International Institute of Cyber Security report the emergence of a new vulnerability in a developer API that allows a malicious app installed on macOS Mojave to access a […]

Linux, Red Hat, Amazon and Azure users using runtime container runC affected by new vulnerability

Vulnerability has a score of 7.2/10 on the CVSS scale. Linux system users are dealing with a new threat. According to network security and ethical hacking specialists from the International Institute of Cyber Security, a critical vulnerability has been discovered affecting the runC runtime container function that works with Docker, cri-o, containerd and Kubernetes. RunC […]