Cyber Security Newsfeeds from around the world
# Exploit Title: Endian Firewall cross-site scripting (XSS) # Date: 08/22/2019 # Exploit Authors: Milad Soltanian + G0dfather ( @irpwn ) # Vendor Homepage: https://www.endian.com # Version : 3.3.0 An attacker may leverage these issues to execute arbitr…
Continue ReadingPop-ups and browser lockers have given way to irritating and potentially destructive push notifications. For many of us, when we hear the word “malware,” the first thing that comes to mind would be visions of emptied bank accounts, encrypted files or w…
Continue ReadingWhat Can Attackers Do After Successful Session Hijacking? If successful, the attacker can then perform any actions that the original user is authorized to do during the active session. Depending on the targeted application, this may mean transferring m…
Continue ReadingI’m sorry GT500 but can you please remind me of the security vulnerability report for any version of Chrome or Firefox that allowed an unprivileged user to obtain full system user level access? I can not find one. The excuse of “it’s a legitimate progr…
Continue Reading. Posted: August 21, 2019 by Jovi Umawing Those who are familiar with Bluetooth BR/EDR technology (aka Bluetooth Classic, from 1.0 to 5.1) can attest that it is not perfect. Like any other piece of hardware or software technology already on market, its…
Continue ReadingThreat actors aren’t stupid. Really, they’re not. They know that the best way into an organization’s network is through users. People are the weakest link in any cybersecurity strategy. Why spend countless hours trying to hack into a business system wh…
Continue ReadingUPDATE — July 17th. It has since come to light that Zoom and 13 of their white label applications contained a Remote Code Execution (RCE) vulnerability . Zoom, RingCentral, Telus Meetings, BT Cloud Phone Meetings, Office Suite HD Meeting, AT&T Video Me…
Continue ReadingDistribution of newly detected mobile apps by type, Q1 and Q2 2019 (download) Among all the threats detected in Q2 2019, the lion’s share went to potentially unsolicited RiskTool apps with 41.24%, which is 11 p.p. more than in the previous quarter. The…
Continue ReadingA security flaw in Kaspersky antivirus leaves millions of users exposed to online hack. A security journalist Ronald Eikenberg at German computer magazine C’T revealed that a flaw in Kaspersky antivirus software allowed third parties to spy on its mill…
Continue ReadingA malspam campaign was spotted by security researchers that was targeting the financial staff of multiple entities from the North American hotel industry, using malicious attachments to drop the NetWiredRC Remote Access Trojan (RAT) on unsuspecting vic…
Continue Reading