Archive for the ‘Vulnerability’ Category
A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic.
Tracked as CVE-2020-7982, the vulnerability resides in the OPKG package manager of OpenWrt that exists in the
Posted in cybersecurity, hacking news, HTTP, network security, openwrt, Router Security, Vulnerability | Comments (0)
A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage (NAS) devices in an attempt to remotely infect and control vulnerable machines.
Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall
Posted in Botnet, brute force attack, Cyber Attack, firewall, Malware attack, mirai, mirai botnet, NAS devices, Vulnerability | Comments (0)
Though it's not Patch Tuesday, Adobe today released a massive batch of out-of-band software updates for six of its products to patch a total of 41 new security vulnerabilities.
Adobe last week made a pre-announcement to inform its users of an upcoming security update for Acrobat and Reader, but the company today unveiled bugs in a total of 6 widely-used software, including:
Posted in adobe, adobe photoshop cc, adobe software, adobe software update, arbitrary code execution, Vulnerability | Comments (0)
Remember rowhammer vulnerability? A critical issue affecting modern DRAM (dynamic random access memory) chips that could allow attackers to obtain higher kernel privileges on a targeted system by repeatedly accessing memory cells and induce bit flips.
To mitigate Rowhammer vulnerability on the latest DDR4 DRAM, many memory chip manufacturers added some defenses under the umbrella term Target
Posted in cyber security, DRAM Chip, DRAM RowHammer Vulnerability, DRAM Vulnerability, RAM hacking, RowHammer Attack, Vulnerability | Comments (0)
It appears there is no end in sight to the hardware level security vulnerabilities in Intel processors, as well as to the endless 'performance killing' patches that resolve them.
Modern Intel CPUs have now been found vulnerable to a new attack that involves reversely exploiting Meltdown-type data leak vulnerabilities to bypass existing defenses, two separate teams of researchers told The
Posted in cyber security, Intel, intel processor, intel vulnerability, Vulnerability | Comments (0)
Google yesterday released a new critical software update for its Chrome web browser for desktops that will be rolled out to Windows, Mac, and Linux users over the next few days.
The latest Chrome 80.0.3987.122 includes security fixes for three new vulnerabilities, all of which have been marked 'HIGH' in severity, including one that (CVE-2020-6418) has been reportedly exploited in the wild.
Posted in chrome, Chrome vulnerability, cyber security, Google Chrome, remote code execution, Vulnerability | Comments (0)
OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems.
OpenSMTPD, also known as OpenBSD SMTP Server, is an open-source implementation of the Simple Mail Transfer Protocol (SMTP) to deliver messages on a local machine or to relay them to other SMTP servers.
Posted in cyber security, email server, linux, OpenBSD, OpenSMTPD, remote code execution, server security, Vulnerability | Comments (0)
A popular WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs.
The vulnerable plugin in question is 'ThemeGrill Demo Importer' that comes with free as well as premium themes sold by the software development
Posted in hacking wordpress, Vulnerability, WordPress, Wordpress plugin, Wordpress plugin vulnerability, Wordpress Security, Wordpress theme | Comments (0)
A team of cybersecurity researchers late last week disclosed the existence of 12 potentially severe security vulnerabilities, collectively named 'SweynTooth,' affecting millions of Bluetooth-enabled wireless smart devices worldwide—and worryingly, a few of which haven't yet been patched.
All SweynTooth flaws basically reside in the way software development kits (SDKs) used by multiple
Posted in bluetooth hack, Bluetooth hacking, cyber security, hacking bluetooth devices, Vulnerability | Comments (0)