Browsing tag
Just when the Apple released 11.1 as a patch to address the crack in WiFi and other exploits, here comes the news that it has been hacked again. It was during Trend Micro’s Zero Day Initiative they revealed this news, but have yet to give the details of the exploits. There were several exploits discovered, […]
Critically, both OS updates address the KRACK Wi-Fi vulnerability for any devices. It is a dangerous vulnerability in the WPA2 Wi-Fi assurance standard that allowed hostile actors to perform a key reinstallation and receive to Wi-Fi traffic for keys and other personal data, among other things. Both also include numerous new Unicode 10.0 emoji. They include the “I love you” hand […]
Cloak & Dagger is a new class of potential attacks affecting Android devices. These attacks allow a malicious app to completely control the UI feedback loop and take over the device — without giving the user a chance to notice the malicious activity. Security experts from Palo Alto Networks discovered a vulnerability with Android overlay […]
Bug bounty programs by big tech boys isn’t a new thing to hear. Now, Samsung’s name is also on the list of the companies which give money to security researchers who point out vulnerabilities in their products. The company has announced their bug bounty initiative called Mobile Security Rewards Program. And as the name suggests, […]
Security experts from FortiGuard Labs discovered a malicious Powerpoint file in name ADVANCED DIPLOMATIC PROTOCOL AND ETIQUETTE SUMMIT.ppsx using the CVE-2017-0199 Vulnerability.By opening, this malicious PDF file may compromise your system. CVE-2017-0199 was originally a zero-day remote code execution vulnerability that allowed attackers to use a flaw that exists within the Windows Object Linking and […]
World’s largest professional network LinkedIn That has more than 500 Million Registered users. LinkedIn messenger Platform Vulnerability Allows attacker spread Malware into victims by taking advantage of LinkedIn’s security restrictions Flow. LinkedIn messenger is the Mostly used Future Platform which helps for professional Community to Share their skills, Messenger easily sends resumes, transfer academic research and share […]
Now comes a case where we see that version control systems are getting affected by malware. It is seen how source code is no longer safe and are said to be vulnerable to attacks and flaws. Three of the most popular version control systems are said to be vulnerable to malware attacks. Attackers run a […]
Adobe releases patches for critical security flaws which allows attackers to control your system. This bundle applies for Windows, Macintosh, Linux and Chrome OS. Flash Player Security Update – APSB17-21 These critical vulnerabilities affected Adobe Flash Player Desktop Runtime, Adobe Flash Player for Google Chrome running with versions of 26.0.0.131 and earlier, also Adobe Flash […]
Security researchers at behavioral firewall specialist firm Preempt have discovered two critical security flaws in the Microsoft Windows NT LAN Manager (NTLM) security protocols which, if exploited, can allow attackers to crack passwords and compromise credentials from a targeted network. The first vulnerability (CVE-2017-8563) was discovered in LDAP (Lightweight Directory Access Protocol) from NTLM relay while the second […]
A Malware called “EternalBlue” Vulnerability Successfully port the exploit to Microsoft Windows 10 by the Security Researchers which has been only affected earlier with Microsoft Windows XP (Server 2003) and Microsoft Windows 7 (Server 2008 R2) Along with Wanna cry Ransomware. EternalBlue Malware infecting Windows based Server Message Block (SMB) protocol Developed By National Security […]
Vulnerability defined as the weakness that allows attacker to enter in and harm, it may be a flaw in design or misconfiguration. In order to exploit the vulnerability attacker should have applicable tool or technique that connect to the system weakness. National Vulnerability Database NVD is the U.S. government repository of standards based vulnerability management […]
FreeRADIUS RADIUS Server is the most popular open server and RADIUS resource is widely used worldwide. It supports all standard authentication protocols. It is considered the most popular RADIUS server in the world and has been used by many Fortune 500 companies and Internet service providers. Also Read: How to Safely Use Tor Browser To Browse […]
Security specialists from Chaos Computer Clubs found basic strides to break iris recognition system scanner of the new Samsung Galaxy S8. Samsung Galaxy S8 system guarantees secure individual client verification by utilizing the unique pattern of the human iris. But from the test directed by CCC demonstrates that this guarantee can’t be kept. To note […]
A new Cyber Attack Spreading through Vulnerable Subtitles which Downloaded by Victims Media Player and threatens more than 200 Millions of vulnerable Machine in worldwide which leads to complete take over to the infected machine . This cyber attack is delivered when movie subtitles are loaded by the user’s media player which is delivering by […]
A critical SQL Injection Vulnerability( CVE-2017-8917) with Joomla! 3.7, if you are Joomla user it’s you need to update immediately. Joomla! is a content management system (CMS), that allows you to make websites and powerful on-line applications. A content management system software that keeps track of each piece of content on your internet site, very like […]
A bloatware could be a tricky subject to discuss considering that they are pre-installed in most of the IoT devices, but what if a vulnerability is found in one of the bloatware? Could it create havoc? Millions of users could be affected by even a tiny flaw in a bloatware. Well, this is exactly what […]
The IT security researchers have discovered that more than 20 different Linksys’ routers models are leaving thousands of devices vulnerable to outside attacks. Tao Sauvage, a senior security consultant for IOActive, along with Antide Petit, an independent researcher, published the existence of these bugs that were first discovered last year. The blog post states than about 10 […]
Apache Struts is a free and open-source framework used to build Java web applications.This is not the first remote code execution vulnerability discovered on Apache Struts. Apache Struts2 official released a security bulletin, the bulletin pointed out that Apache Struts2 Jakarta Multipart parser plug-in, there is a remote code execution vulnerability, vulnerability number CVE-2017-5638. An […]
Short Bytes: A vulnerability has been spotted in Cisco’s Cluster Management Protocol (CMP) which exposes 318 Cisco Switch models to malicious attacks comprising full control of the device. The flaw arises out of the inability to restrict the use of CMP-specific telnet protocol for local communications. Cisco has suggested some measures for reducing the attack […]
The NextGen gallery has been plagued with a severe security flaw for the second time in consecutive years, and this time it is even worse. A web security firm- Sucuri discovered that the NextGen gallery for WordPress (WP) is affected by a severe SQL injection vulnerability and attackers can access the targeted website’s database within […]
Closing week, we told about a important zero-day flaw in WordPress that become silently patched by way of the company earlier than hackers have had their arms at the nasty bug to make exploits of millions of WordPress websites. To make sure the safety of thousands and thousands of web sites and its customers, WordPress not on […]