Archive for the ‘Vulnerability’ Category

Warning! Unprivileged Linux Users With UID > INT_MAX Can Execute Any Command

December 6th, 2018
Hold tight, this may blow your mind… A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit (also known as polkit)—an application-level toolkit for Unix-like operating systems that defines

Posted in Debian, linux, Linux Vulnerability, privilege escalation, Red Hat, Ubuntu, user privilege, Vulnerability | Comments (0)

How Just Opening A Site In Safari Could Have Hacked Your Apple macOS

November 22nd, 2018
Earlier this week Dropbox team unveiled details of three critical vulnerabilities in Apple macOS operating system, which altogether could allow a remote attacker to execute malicious code on a targeted Mac computer just by convincing a victim into visiting a malicious web page. The reported vulnerabilities were originally discovered by Syndis, a cybersecurity firm hired by Dropbox to conduct

Posted in Apple macOS, Apple Safari, dropbox, Hacking Mac Computer, Macbook hack, macOS security, remote code execution, Vulnerability | Comments (0)

3 New Code Execution Flaws Discovered in Atlantis Word Processor

November 20th, 2018
This is why you should always think twice before opening innocent looking email attachments, especially word and pdf files. Cybersecurity researchers at Cisco Talos have once again discovered multiple critical security vulnerabilities in the Atlantis Word Processor that allow remote attackers to execute arbitrary code and take over affected computers. An alternative to Microsoft Word,

Posted in 0day Exploit, Atlantis Word Processor, malware, Microsoft Word, MS Word, Vulnerability, Word Processing Software | Comments (0)

0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones

November 15th, 2018
At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully patched smartphones running the latest version of software from popular smartphone manufacturers can be hacked. Three major flagship smartphones—iPhone X, Samsung Galaxy S9, and Xiaomi Mi6—were among the devices that successfully got hacked at the annual

Posted in cybersecurity, hacking competition, hacking news, iPhone X, mobile hacking, Samsung Galaxy S9, smartphone hacking, Vulnerability, Xiaomi Mi 6, Zero-Day Vulnerability | Comments (0)

7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs

November 14th, 2018
Disclosed earlier this year, potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processors proven that speculative execution attacks can be exploited in a trivial way to access highly sensitive information. Since then, several more variants of speculative execution attacks have been discovered, including Spectre-NG, SpectreRSB, Spectre 1.1,

Posted in amd processor, ARM processor, Cyber Attack, intel processor, Meltdown Vulnerability, Spectre Vulnerability, speculative execution, speculative execution attack, transient execution attacks, Vulnerability | Comments (0)

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

November 14th, 2018
It's Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft products. This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49 important and one moderate and one low in severity. <!-- adsense --> Two of the vulnerabilities

Posted in hacking news, microsoft, Microsoft Patch Tuesday, Microsoft update, Security patch Update, Vulnerability, Windows 10, Zero-Day Vulnerability | Comments (0)

Here’s How Hackers Could Have Spied On Your DJI Drone Account

November 8th, 2018
Cybersecurity researchers at Check Point today revealed details of a potential dangerous vulnerability in DJI Drone web app that could have allowed attackers access user accounts and synced sensitive information within it, including flight records, location, live video camera feed, and photos taken during a flight. Thought the vulnerability was discovered and responsibly reported by the

Posted in cybersecurity, DJI Drone, DJI Mavic Pro Drone, DJI Phantom Drone, hacking news, Vulnerability | Comments (0)

Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online

November 8th, 2018
An independent exploit developer and vulnerability researcher has publicly disclosed a zero-day vulnerability in VirtualBox—a popular open source virtualization software developed by Oracle—that could allow a malicious program to escape virtual machine (guest OS) and execute code on the operating system of the host machine. The vulnerability occurs due to memory corruption issues and affects

Posted in hacking news, hypervisors, virtual machine, virtualbox, Virtualization software, Vulnerability, zero-day exploit, Zero-Day Vulnerability | Comments (0)