Cyber Security Newsfeeds from around the world
Almost every IT security professional is concerned that the latest advanced persistent threats (APTs) have made them potential targets of sophisticated cyberespionage campaigns. A survey of IT security leaders in the U.S. and several European countries…
Continue Readingof Marcus Hutchins. Twitter feed Louise Mensch is an independent British/American journalist. Remember the reluctant WannaCry hero? WannaCry was ransomware that made big headlines in mid-2017 for two important reasons. First, it was a true computer wor…
Continue ReadingThe release of Robert Mueller’s report on Russian interference in the 2016 presidential election has only further inflamed the debate over U.S. President Donald Trump’s future—especially as it became apparent that the special counsel’s assessment of th…
Continue ReadingLinux kernel: use after free via sctp_sendmsg Synthesis of the vulnerability An attacker can force the usage of a freed memory area via sctp_sendmsg() of the Linux kernel, in order to trigger a denial of service, and possibly to run code. Vulnerable sy…
Continue ReadingThe firm fixed nearly 300 bugs across its products, saying many were at risk of being actively exploited.
Oracle has fixed nearly 300 bugs, many of them high-risk, across its range of products, urging administrators to apply the patches quickly due to…
Continue ReadingCisco Prime Infrastructure: Man-in-the-Middle via SSL Certificate Not Validated Synthesis of the vulnerability An attacker can act as a Man-in-the-Middle via SSL Certificate Not Validated on Cisco Prime Infrastructure, in order to read or write data in…
Continue ReadingCisco IP Phone SPAx: privilege escalation via Certificate Validation Synthesis of the vulnerability An attacker can bypass restrictions via Certificate Validation of Cisco IP Phone SPAx, in order to escalate his privileges. Vulnerable systems:
Severit…
Continue Reading################################################################### # Exploit Title : Thailand Government CityVariety Corporation Error Based SQL Injection – Arbitrary File Download # Author [ Discovered By ] : KingSkrupellos # Team : Cyberizm Digital …
Continue ReadingCisco IP Phone 7800/8800: denial of service via CDP/LLDP Synthesis of the vulnerability An attacker can trigger a fatal error via CDP/LLDP of Cisco IP Phone 7800/8800, in order to trigger a denial of service. Vulnerable software:
Severity of this anno…
Continue Reading################################################################### # Exploit Title : LivroreClamacoes Grupo Ajulio Portugal SQL Injection # Author [ Discovered By ] : KingSkrupellos # Team : Cyberizm Digital Security Army # Date : 20/04/2019 # Vendor …
Continue Reading