Archive for the ‘Vulnerability’ Category

Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers

August 20th, 2019
Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers. Instead, it was secretly planted by an unknown hacker who successfully managed to inject a backdoor at some point in its build infrastructure—that surprisingly persisted into

Posted in backdoor malware, hacking Linux servers, Linux hacking, linux security, Linux server, Linux Software, remote code execution, Vulnerability, Webmin | Comments (0)

Patches for 2 Severe LibreOffice Flaws Bypassed — Update to Patch Again

August 16th, 2019
If you are using LibreOffice, you need to update it once again. LibreOffice has released the latest version 6.2.6/6.3.0 of its open-source office software to address three new vulnerabilities that could allow attackers to bypass patches for two previously addressed vulnerabilities. LibreOffice is one of the most popular and open source alternatives to Microsoft Office suite and is available

Posted in cyber security, hacking news, LibreOffice, linux security, Linux Software, Office software, Vulnerability, windows security, windows software | Comments (0)

New Bluetooth Vulnerability Lets Attackers Spy On Encrypted Connections

August 14th, 2019
Over a billion Bluetooth-enabled devices, including smartphones, laptops, smart IoT devices, and industrial devices, have been found vulnerable to a high severity vulnerability that could allow attackers to spy on data transmitted between the two devices. The vulnerability, assigned as CVE-2019-9506, resides in the way 'encryption key negotiation protocol' lets two Bluetooth BR/EDR devices

Posted in bluetooth hack, Bluetooth hacking, bluetooth vulnerability, hacking bluetooth devices, hacking news, Vulnerability | Comments (0)

4 New BlueKeep-like ‘Wormable’ Windows Remote Desktop Flaws Discovered

August 13th, 2019
If you are using any supported version of the Windows operating system, stop everything and install the latest security updates from Microsoft immediately. Windows operating system contains four new critical wormable, remote code execution vulnerabilities in Remote Desktop Services, similar to the recently patched 'BlueKeep' RDP vulnerability. Discovered by Microsoft's security team itself, all

Posted in BlueKeep RDP Flaw, BlueKeep RDP Vulnerability, RDP Vulnerability, Remote Desktop Protocol, Remote Desktop Services, Vulnerability, windows hacking | Comments (0)

Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows

August 13th, 2019
Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162, by correcting how the Windows operating system handles calls to Advanced Local Procedure Call (ALPC). A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows, back

Posted in google, Google Project Zero, hacking news, hacking windows password, microsoft, Vulnerability, windows Vulnerability, Windows zero-day vulnerability | Comments (0)

Canon DSLR Cameras Can Be Hacked With Ransomware Remotely

August 12th, 2019
The threat of ransomware is becoming more prevalent and severe as attackers' focus has now moved beyond computers to smartphones and other Internet-connected smart devices. In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to remotely infect a digital DSLR camera with ransomware and hold private photos and videos hostage

Posted in Camera, Camera security, Canon DSLR Camera, cyber security, hacking DSLR camera, How to hack DSLR camera, ransomware, Vulnerability, wifi hacking | Comments (0)

KDE Linux Desktops Could Get Hacked Without Even Opening Malicious Files

August 7th, 2019
If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any ".desktop" or ".directory" file for a while. A cybersecurity researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted .desktop and .directory files to silently run arbitrary code on a user's

Posted in hacking news, KDE, linux, Linux Desktop, linux security, Linux Vulnerability, Vulnerability | Comments (0)

SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

August 6th, 2019
A new variant of the Spectre (Variant 1) side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned. Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the

Posted in intel chipset, intel processor, intel vulnerability, Side-channel attack, speculative execution, speculative execution attack, speculative execution vulnerability, Vulnerability | Comments (0)

Researchers Discover New Ways to Hack WPA3 Protected WiFi Passwords

August 3rd, 2019
The same team of cybersecurity researchers who discovered several severe vulnerabilities, collectively dubbed as Dragonblood, in the newly launched WPA3 WiFi security standard few months ago has now uncovered two more flaws that could allow attackers to hack WiFi passwords. WPA, or WiFi Protected Access, is a WiFi security standard that has been designed to authenticate wireless devices using

Posted in crack wifi password, hacking news, How To Hack WIFI Password, Vulnerability, wifi password hacking, wireless security, WPA3, WPA3 Protocol | Comments (0)

Cisco ‘Knowingly’ Sold Hackable Video Surveillance System to U.S. Government

August 1st, 2019
Cisco Systems has agreed to pay $8.6 million to settle a lawsuit that accused the company of knowingly selling video surveillance system containing severe security vulnerabilities to the U.S. federal and state government agencies. It's believed to be the first payout on a 'False Claims Act' case over failure to meet cybersecurity standards. The lawsuit began eight years ago, in the year 2011,

Posted in Cisco, cyber security, False Claims Act, hacking news, IP Camera software, surveillance program, surveillance software, surveillance video system, Vulnerability | Comments (0)