Browsing tag
Researcher Aaron Spangler identified a bug in Internet Explorer back in 1997. This flaw allowed stealing of user credentials through Windows Server Message Block protocol. Now, after almost eighteen years, Cylance Wallace, a senior researcher at SPEAR research team, discovered a larger vulnerability while testing a messaging app keeping that particular bug in mind. This […]
Recently Google announced its current experimental program named Vulnerability Research Grants (VRG). No doubt it is a great concept. In this program the security team of Google selects regular reporters and send them emails. The researchers then choose product/service from the list available in the email and investigate their chosen product/service’s security. Must Read: Hacking YouTube […]
Yet another vulnerability has been found in the Yoast WordPress plugin that can be exploited by attackers allowing them to control the site. Just a week ago, the case was associated with WordPress SEO plugin that is being used by more than a million WordPress websites. However, this time the case is focused on the […]
A number of websites have been put at risk due to a very popular plugin of the WordPress content management platform vulnerability that allows to hackers to attack the websites. Actually, the fault lies in many of the versions of the WordPress Plugin called ‘WordPress SEO by Yoast’ that has over 14 million downloads thus […]
WordPress’s MainWP Child Plugin has vulnerability… and it is very much exploitable. Researchers at Sucuri have identified a vulnerability in the MainWP Child plugin for WordPress, which according to them is potentially exploitable and can allow hackers to fully control any website. Mickael Nadeau, Sucuri’s security and vulnerability researcher, revealed the finding in his blog […]
Microsoft has revealed that Windows is vulnerable to a critical Freak SSl Flaw. Freak is a security bug that facilitates cybercriminals to conduct man-in-the-middle attacks on connections like Sockets Layer (SSL) and Transport Layer Security (TLS) that are encrypted by an outdated cipher. And Freak has claimed another potential victim, this time the Microsoft Secure Channel […]
About a month ago, to my embarrassment, I learned that my Wi-Fi password was so weak that even my 10 year old neighbour could crack it… No, not really. A little Disclaimer – The contents of this post are solely for ethical and educational purposes. You may not use it for unethical purposes. The Author […]
Search-Lab Ltd. discovered a serious security vulnerability in the On Screen Phone protocol used by LG Smart Phones. A malicious attacker is able to bypass the authentication phase of the network communication, and thus establish a connection to the On Screen Phone application without the owner’s knowledge or consent. Once connected, the attacker could have […]
Hackers pieced together zero-day vulnerabilities in Flash and Internet Explorer 9+ to attack financial services and defense contractor employees visiting Forbes.com, according to security firm researchers, Invincea and iSIGHT Partners. In November 2014, the site’s Thought of the Day (ToTD) page, which is displayed briefly upon visiting the site, was compromised. On first visit to […]
Uploading Photos on WhatsApp Web Risky as Privacy Lapses Discovered: WhatsApp Web: WhatsApp Web is a new service launched by WhatsApp. It allows users to sync their mobile and desktop devices with the messaging app. In its blogpost dated 21st January, 2015, WhatsApp announced the new web client and noted that WhatsApp Web “mirrors conversations […]
Security vendor Qualys announced on Tuesday that a flaw in the popular component of many Linux distributions which would ultimately allow hackers to control a system remotely through just sending an email that contains malware. This vulnerability, named “Ghost”, is in the GNU C Library called glibc. This is a C library that basically defines […]
Most people with Android smartphones or tablets are now left exposed to a security flaw because Google has announced it will not be fixing it. The default browser of Android 4.3 Jelly Bean has a known security flaw in the older versions of Android and it is estimated that almost 60% of all users of […]
Microsoft has released an emergency update on Tuesday to patch a security flaw in the Windows operating system (that remained unnoticed for 19 years). Amazingly, this vulnerability was present in every version of Windows including Windows 95 to Windows 8, allowing hackers to take control of any computer remotely whenever a user visits a malicious website. […]
A common shortcoming that most of the USB devices possess is one which can be noiselessly made use of to introduce infection into computers. This is done in a fashion which prevents detection and this has been concluded by security researchers themselves. Most of the USB thumb drives have a major dilemma like several other […]
WhatsApp, one of the most popular instant messaging services, scaled its highest point recently when it handled more than 64 billion messages in 24 hour period in a day, just weeks after its acquisition by Facebook for a whopping USD 19 billion, according to media reports. Last year, the daily message traffic of the application […]
The password manager, LastPass, allows you to check if the saved sites are affected by the bug through its ‘LastPass Heratbleed Checker. LastPass’s Security Check tells you which sites have updated their certificates, and whether you need to change your password for that site. Image credit: Cnet In the latest attempt to safeguard against the openSSL programming […]
In the Following Issue we will discuss the impacted vulnerability, their particular information and details, proof-of-concept code, as well as their special recommendations, regarding fixing those issues. Security researchers of the High-Profile websites, mostly discover their related vulnerabilities as the highly effective zones. Nicholas Lemonias is an expert researcher, and he is of the belief that such […]
One lucky hammer group had already nailed the fingerprint sensor of iPhone 5S. The phone will finally hit the sales floor on Friday and another group is already gearing up for breaking into this new security feature from iPhone. Well the news is that the hacker community is all set to get their hands dirty […]
Last Friday, Facebook disclosed a bug fix which exposed the shadow profile activity of the social network. Packet Storm Security who analysis the security issues of the network has said that they are composing frightening dossiers for both the account holders and the non-account holders. Packet Storm has discovered the vulnerability in the security system of […]
The Android users all over the world were recently hit by a shock as a cyber-attack surfaced that attacked the Android users. According to the report, a malicious webpage was the source of this attack. All the data of those Android devices was wiped from the smartphones, who visited this webpage. Ravishankar Borgaonkar, who is […]