Archive for the ‘remote code execution’ Category

Critical Flaws Found in Amazon FreeRTOS IoT Operating System

October 19th, 2018
A security researcher has discovered several critical vulnerabilities in one of the most popular embedded real-time operating systems—called FreeRTOS—and its other variants, exposing a wide range of IoT devices and critical infrastructure systems to hackers. What is FreeRTOS (Amazon, WHIS OpenRTOS, SafeRTOS)? FreeRTOS is a leading open source real-time operating system (RTOS) for embedded

Posted in Amazon AWS, Amazon Web Services, embedded devices, FreeRTOS, IoT Hacking, IoT Operating System, IoT security, OpenRTOS, remote code execution, SafeRTOS, Vulnerability | Comments (0)

Remotely Exploitable Flaw Puts Millions of Internet-Connected Devices at Risk

July 18th, 2017

Security researchers have discovered a critical remotely exploitable vulnerability in an open-source software development library used by major manufacturers of the Internet-of-Thing devices that eventually left millions of devices vulnerable to hacking.

The vulnerability (CVE-2017-9765), discovered by researchers at the IoT-focused security firm Senrio, resides in the software development

Posted in buffer overflow vulnerability, gSOAP toolkit, hacking news, Internet of things, iot devices, remote code execution, smart device, software development, Vulnerability | Comments (0)

Over 70,000 Memcached Servers Still Vulnerable to Remote Hacking

July 18th, 2017

Nothing in this world is fully secure, from our borders to cyberspace. I know vulnerabilities are bad, but the worst part comes in when people just don’t care to apply patches on time.

Late last year, Cisco’s Talos intelligence and research group discovered three critical remote code execution (RCE) vulnerabilities in Memcached that exposed major websites including Facebook, Twitter, YouTube,

Posted in cache server, database hacking, hacking database, memcached, MongoDB database, patch update, php website, ransomware, remote code execution, secure mongodb, server hacking, Vulnerability, website security | Comments (0)

Adobe Fixes Six Vulnerabilities in Flash, Connect with July Update

July 11th, 2017

Adobe only fixed six vulnerabilities in two products, making it the company’s smallest security bulletin of the year.

Posted in adobe, Adobe Connect for Windows, Adobe Flash, Clickjacking, flash player, information disclosure, memory address disclosure, remote code execution, UI redress, vulnerabilities | Comments (0)

Millions of Android Devices Using Broadcom Wi-Fi Chip Can Be Hacked Remotely

July 7th, 2017

Google has released its latest monthly security update for Android devices, including a serious bug in some Broadcom Wi-Fi chipsets that affects millions of Android devices, as well as some iPhone models.

Dubbed BroadPwn, the critical remote code execution vulnerability resides in Broadcom’s BCM43xx family of WiFi chipsets, which can be triggered remotely without user interaction, allows a

Posted in Android Vulnerability, Broadcom, Broadcom Wifi chip, hacking news, how to hack android, how to hack iphone, iOS vulnerability, remote code execution, Vulnerability | Comments (0)

7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely

May 25th, 2017

A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines.

Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available today, including Windows, Linux, UNIX, IBM System 390, and

Posted in exploit code, hacking Linux servers, hacking news, how to hack linux, linux security, Metasploit Framework, remote code execution, Samba server, Samba Service, Samba vulnerability, smb vulnerability | Comments (0)

Apple Releases Dozens of Security Patches for Everything

May 16th, 2017

While Windows users are currently in fear of getting their systems hijacked by the WannaCry ransomware outbreak, Apple users are sitting relaxed, thinking that malware attacks are something that happens to Windows users, and not Apple.

But you are mistaken – Apple products are also not immune to the hack attacks and malware infections, as an ebook can hack your Mac, iPhone, and iPad.

Apple

Posted in apple security, Apple TV, Cross site scripting, hacking news, iOS Update, ipad hacking, iPhone Security, remote code execution, Security patch Update, update iphone, Vulnerability | Comments (0)

0-Day Flaws in Vanilla Forums Let Remote Attackers Hack Websites

May 12th, 2017

A security researcher has publicly disclosed two critical zero-day vulnerabilities in Vanilla Forums, an open source software that powers discussion on over 500,000 websites, which could allow unauthenticated, remote attackers to fully compromise targeted websites easily.

Discovered by Polish security researcher Dawid Golunski of Legal Hackers, two separate unpatched vulnerabilities, a remote

Posted in forum software, hacking forum, Host Header Injection, phpmailer, remote code execution, Vanilla Forums, Vulnerability | Comments (0)

Vanilla Forums Software Vulnerable to RCE, Host Header Injection Vulnerability

May 11th, 2017

Vanilla Forums software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute arbitrary code.

Posted in Dawid Golunski, Host Header Injection vulnerability, remote code execution, Vanilla Forums, vulnerabilities, Web Security | Comments (0)