#cybersecurity | #hackerspace | The State of Vulnerabilities in 2019

This year we slightly changed the vulnerability classification algorithm. The goal was to increase classification accuracy as well as to fit the vulnerabilities to the categories defined by OWASP in the best way possible. Such changes directly affected…

You can still get Windows 7 updates without paying a penny to Microsoft

It can hardly have escaped your attention that Windows 7 has now reached end of life. For companies and enterprise customers unwilling to pay for Extended Security Updates, this means there will be no more updates. The average home user who has decided…

Amazon CEO Jeff Bezos’ phone hacking: This WhatsApp flaw caused it all

The WhatsApp flaw used to hack in Jeff Bezos’ iPhone X was acknowledged by Facebook back in November, 2019. (Image source: Reuters) The hacking of Amazon CEO Jeff Bezos’ phone via a video file sent on WhatsApp has raised a lot of questions, especially …

Multiple vulnerabilities in Primavera Gateway

1) XML External Entity injection. Severity: High. CVSSv3: [PCI] CVE-ID: CVE-2019-12415. CWE-ID: Description. CWE-611 – Improper Restriction of XML External Entity Reference (‘XXE’) The vulnerability allows a remote attacker to gain access to sensitive …

Should you still use Windows 7 for online banking after Microsoft pulls plug on support?

Jake Moore, a cybersecurity specialist at antivirus provider ESET, said: ‘Windows 7 users leave themselves open to multiple vulnerabilities on this now outdated operating system. ‘If users are choosing to move forward with it, they could be preyed upon…