Ken's Automated News Feed Aggregator
Some of Honeywell’s MAXPRO video surveillance systems are affected by serious vulnerabilities that can be exploited by hackers to take complete control of the system, a researcher has discovered. Researcher Joachim Kerschbaumer told SecurityWeek that h…
This year we slightly changed the vulnerability classification algorithm. The goal was to increase classification accuracy as well as to fit the vulnerabilities to the categories defined by OWASP in the best way possible. Such changes directly affected…
All good things must come to an end, and the time has finally come to say goodbye to Windows 7. As of January 14, 2020, Microsoft has officially stopped supporting the operating system, which means no more automatic (or requested) downloading and insta…
A vulnerability was identified in Microsoft Internet Explorer. A remote user can exploit this vulnerability to trigger remote code execution on the targeted system.
The vulnerability is being exploited in the wild. No patch is currently available.
No…
# Exploit Title : KeePass 2.44 – Denial of Service (PoC) # Product : KeePass Password Safe # Version :
It can hardly have escaped your attention that Windows 7 has now reached end of life. For companies and enterprise customers unwilling to pay for Extended Security Updates, this means there will be no more updates. The average home user who has decided…
Imagine checking your email and getting a message saying your account has been hacked. You never contacted the sender, have no idea what they’re talking about and don’t know why your account would be compromised. Yet somehow, the email arrived — which …
The WhatsApp flaw used to hack in Jeff Bezos’ iPhone X was acknowledged by Facebook back in November, 2019. (Image source: Reuters) The hacking of Amazon CEO Jeff Bezos’ phone via a video file sent on WhatsApp has raised a lot of questions, especially …
1) XML External Entity injection. Severity: High. CVSSv3: [PCI] CVE-ID: CVE-2019-12415. CWE-ID: Description. CWE-611 – Improper Restriction of XML External Entity Reference (‘XXE’) The vulnerability allows a remote attacker to gain access to sensitive …
Jake Moore, a cybersecurity specialist at antivirus provider ESET, said: ‘Windows 7 users leave themselves open to multiple vulnerabilities on this now outdated operating system. ‘If users are choosing to move forward with it, they could be preyed upon…