Linkstrain-ng Slideshow

audit

Tor

Over a dozen vulnerabilities discovered in Tor audit, including a high-risk flaw that can be exploited to inject arbitrary bridges. The post Tor Code Audit Finds 17 Vulnerabilities appeared first on SecurityWeek.

...more

Android Security Update Patches Kernel Vulnerability Exploited by Spyware Vendor

Published: 2023-05-05 08:33:00

Popularity: 10

Author: Eduard Kovacs

Keywords:

Google’s latest Android security updates patch over 40 vulnerabilities, including CVE-2023-0266, a kernel flaw exploited as a zero-day by a spyware vendor. The post Android Security Update Patches Kernel Vulnerability Exploited by Spyware Vendor appeared first on SecurityWeek.

...more

EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer

Published: 2022-12-28 11:09:56

Popularity: 47

Author: Eduard Kovacs

Keywords:

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States. read more

...more

Nearly 300 Vulnerabilities Patched in Huawei's HarmonyOS in 2022

Published: 2023-01-03 11:39:44

Popularity: 11

Author: Eduard Kovacs

Keywords:

Chinese tech giant Huawei patched nearly 300 vulnerabilities in its HarmonyOS operating system in 2022. read more

...more

Rackspace Hit With Lawsuits Over Ransomware Attack

Published: 2022-12-12 12:21:29

Popularity: 12

Author: Eduard Kovacs

Keywords:

Incident Response

Cybercrime

At least two lawsuits have been filed against Texas-based cloud company Rackspace over the recently disclosed ransomware attack. read more

...more

Google Unveils KataOS 'Verifiably-Secure' Operating System for Embedded Devices

Published: 2022-10-19 10:18:02

Popularity: 14

Author: Eduard Kovacs

Keywords:

IoT Security

Google last week unveiled a new project focused on building a secure embedded platform for machine learning (ML) applications. The project’s goal is designing intelligent ambient ML systems that are secure and trustworthy. read more

...more

WordPress Security Update 6.0.3 Patches 16 Vulnerabilities

Published: 2022-10-19 11:31:39

Popularity: 16

Author: Eduard Kovacs

Keywords:

WordPress 6.0.3 started rolling out this week. The latest security release patches 16 vulnerabilities. read more

...more

Security Firm Discloses CrowdStrike Issue After 'Ridiculous Disclosure Process'

Published: 2022-08-23 11:29:19

Popularity: 27

Author: Eduard Kovacs

Keywords:

🤖: "Cyber Oops"

A security firm has disclosed the details of an issue affecting a CrowdStrike product after what it described as a ‘ridiculous vulnerability disclosure process’. CrowdStrike has provided some clarifications following the disclosure. read more

...more

Secure Boot Bypass Flaws Affect Bootloaders of Many Devices Made in Past Decade

Published: 2022-08-15 13:30:49

Popularity: 8

Author: Eduard Kovacs

Keywords:

🤖: "Bootjacked"

Bootloaders present in a majority of computers made in the past 10 years are affected by Secure Boot bypass vulnerabilities, according to firmware security company Eclypsium. read more

...more

Black Hat USA 2022 - Announcements Summary

Published: 2022-08-12 10:23:58

Popularity: 11

Author: Eduard Kovacs

Keywords:

Security Architecture

Data Protection

Security Infrastructure

Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas. read more

...more

Google Patches Critical Android Flaw Allowing Remote Code Execution via Bluetooth

Published: 2022-08-02 10:30:19

Popularity: 14

Author: Eduard Kovacs

Keywords:

Google on Monday published a security bulletin describing the latest round of patches for the Android operating system. Three dozen vulnerabilities have been fixed, including a critical issue that can be exploited for remote code execution over Bluetooth. read more

...more

Lenovo Patches UEFI Code Execution Vulnerability Affecting Many Laptops

Published: 2022-07-13 20:02:47

Popularity: 19

Author: Eduard Kovacs

Keywords:

🤖: ""UEFI bugger""

Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution. read more

...more

New Database Catalogs Cloud Vulnerabilities, Security Issues

Published: 2022-06-28 13:01:05

Popularity: 12

Author: Eduard Kovacs

Keywords:

Cloud security company Wiz has announced the launch of a new database whose goal is to keep track of vulnerabilities and other security issues affecting cloud services. read more

...more

Millions of Budget Smartphones With UNISOC Chips Vulnerable to Remote DoS Attacks

Published: 2022-06-02 15:00:17

Popularity: 10

Author: Eduard Kovacs

Keywords:

🤖: ""bugged phones""

Millions of budget smartphones that use UNISOC chipsets could have their communications remotely disrupted by hackers due to a critical vulnerability discovered recently by researchers at cybersecurity firm Check Point. read more

...more

Google Discloses Details of Zoom Zero-Click Remote Code Execution Exploit

Published: 2022-05-25 10:37:49

Popularity: 12

Author: Eduard Kovacs

Keywords:

Google’s Project Zero has disclosed the details of a zero-click remote code execution exploit targeting the Zoom video conferencing software. read more

...more

New Variant of Spectre Attack Bypasses Intel and Arm Hardware Mitigations

Published: 2022-03-10 11:55:14

Popularity: 18

Author: Eduard Kovacs

Keywords:

🤖: ""Spectre strikes again""

A team of researchers from the Vrije Universiteit Amsterdam in the Netherlands has demonstrated a new Spectre attack variant that can bypass hardware mitigations implemented in recent years by Intel and Arm. read more

...more

Adobe Releases Emergency Patch for Exploited Commerce Zero-Day

Published: 2022-02-13 18:01:12

Popularity: 15

Author: Eduard Kovacs

Keywords:

Adobe released an emergency advisory on Sunday to inform Commerce and Magento users of a critical zero-day vulnerability that has been exploited in attacks. read more

...more

New Flaws Expose EVlink Electric Vehicle Charging Stations to Remote Hacking

Published: 2021-12-27 11:33:20

Popularity: 10

Author: Eduard Kovacs

Keywords:

🤖: ""Charging hacked""

Schneider Electric has patched several new vulnerabilities that expose its EVlink electric vehicle charging stations to remote hacker attacks. read more

...more

Researchers Disclose New Side-Channel Attacks Affecting All AMD CPUs

Published: 2021-10-15 11:07:26

Popularity: 18

Author: Eduard Kovacs

Keywords:

Researchers have disclosed the details of new timing and power-based side-channel attacks that affect all CPUs made by AMD, but the chipmaker says no new mitigations are necessary. read more

...more

Recently Patched Confluence Vulnerability Exploited in the Wild

Published: 2021-09-02 10:47:16

Popularity: 7

Author: Eduard Kovacs

Keywords:

Hackers started exploiting a vulnerability in Atlassian’s Confluence enterprise collaboration product just one week after the availability of a patch was announced. read more

...more

New DNS Attack Enables 'Nation-State Level Spying' via Domain Registration

Published: 2021-08-06 15:08:13

Popularity: 14

Author: Eduard Kovacs

Keywords:

A new domain name system (DNS) attack method that involves registering a domain with a specific name can be leveraged for what researchers described as “nation-state level spying.” read more

...more

Adobe Patches 21 Vulnerabilities Across Seven Products

Published: 2021-07-21 10:03:49

Popularity: 13

Author: Eduard Kovacs

Keywords:

🤖: ""Patch party""

Security updates released by Adobe on Tuesday for seven of its products patch a total of 21 vulnerabilities, including 15 flaws that have been assigned a critical severity rating. read more

...more

Google Releases Open Source Tools and Libraries for Fully Homomorphic Encryption

Published: 2021-06-16 13:37:47

Popularity: 12

Author: Eduard Kovacs

Keywords:

Data Protection

🤖: "crypto secrets"

Google this week announced that it has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption (FHE). read more

...more

GitHub Discloses Details of Easy-to-Exploit Linux Vulnerability

Published: 2021-06-11 13:09:45

Popularity: 12

Author: Eduard Kovacs

Keywords:

🤖: ""Linux pwned""

GitHub this week disclosed the details of an easy-to-exploit Linux vulnerability that can be leveraged to escalate privileges to root on the targeted system. The flaw, classified as high severity and tracked as CVE-2021-3560, impacts polkit, an authorization service that is present by default in many Linux distributions. read more

...more

VMware Urges Customers to Immediately Patch Critical vSphere Vulnerability

Published: 2021-05-26 14:29:30

Popularity: 9

Author: Eduard Kovacs

Keywords:

🤖: "patch party fail"

VMware has urged customers to immediately patch a critical vulnerability affecting vCenter Server, the management interface for vSphere environments. The vulnerability, tracked as CVE-2021-21985, was reported to VMware by Ricter Z of 360 Noah Lab and it has been patched in versions 6.5, 6.7 and 7.0 of vCenter Server. read more

...more

$200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own

Published: 2021-04-08 11:13:54

Popularity: 47

Author: Eduard Kovacs

Keywords:

Two researchers earned $200,000 on the second day of the Pwn2Own 2021 hacking competition for a Zoom exploit allowing remote code execution without user interaction. read more

...more

Research Shows How Solar Energy Installations Can Be Abused by Hackers

Published: 2021-02-17 15:24:26

Popularity: 28

Author: Eduard Kovacs

Keywords:

IoT Security

Researchers at cybersecurity firm FireEye have analyzed a gateway device used for solar energy installations, and discovered vulnerabilities that could be useful to malicious hackers. read more

...more

Adobe Patches Reader Vulnerability Exploited in the Wild

Published: 2021-02-09 18:29:39

Popularity: 24

Author: Eduard Kovacs

Keywords:

Adobe on Tuesday announced the availability of patches for 50 vulnerabilities across six of its products, including a zero-day vulnerability in Reader that has been exploited in the wild. read more

...more

Three New Vulnerabilities Patched in OpenSSL

Published: 2021-02-17 09:31:00

Popularity: 36

Author: Eduard Kovacs

Keywords:

...more

Pwn2Own 2021: Hackers Offered $200,000 for Zoom, Microsoft Teams Exploits

Published: 2021-01-27 09:49:45

Popularity: 54

Author: Eduard Kovacs

Keywords:

Trend Micro’s Zero Day Initiative (ZDI) on Tuesday announced the targets, prizes and rules for the Pwn2Own Vancouver 2021 hacking competition, a hybrid event scheduled to take place on April 6-8. read more

...more

Vulnerabilities Expose Thousands of MobileIron Servers to Remote Attacks

Published: 2020-09-14 12:18:11

Popularity: 44

Author: Eduard Kovacs

Keywords:

Researchers have disclosed the details of several potentially serious vulnerabilities affecting MobileIron’s mobile device management (MDM) solutions, including a flaw that can be exploited by an unauthenticated attacker for remote code execution on affected servers. read more

...more

Adobe Patches Critical Code Execution Flaws in AEM, FrameMaker, InDesign

Published: 2020-09-08 18:07:19

Popularity: 24

Author: Eduard Kovacs

Keywords:

Adobe on Tuesday informed customers that it has patched a total of 18 vulnerabilities across its Experience Manager (AEM), FrameMaker and InDesign products. read more

...more

Chinese Researchers Show How They Remotely Hacked a Mercedes-Benz

Published: 2020-08-07 19:11:40

Popularity: 100

Author: Eduard Kovacs

Keywords:

...more

Microsoft Patches Critical Code Execution Vulnerabilities in Windows, Browsers

Published: 2020-06-10 03:32:35

Popularity: 29

Author: Eduard Kovacs

Keywords:

Microsoft’s security updates for June 2020 patch 129 vulnerabilities, including 11 critical remote code execution flaws affecting Windows, the Edge and Internet Explorer browsers, and SharePoint. read more

...more

No Patch for VPN Bypass Flaw Discovered in iOS

Published: 2020-03-26 19:55:19

Popularity: 49

Author: Eduard Kovacs

Keywords:

🤖: ""VPN fail""

Proton Technologies, the company behind the privacy-focused ProtonMail and ProtonVPN services, this week disclosed the existence of a vulnerability in Apple’s iOS mobile operating system that prevents VPN applications from encrypting all traffic. read more

...more

Critical Flaw in VMware Workstation, Fusion Allows Code Execution on Host From Guest

Published: 2020-03-13 15:21:36

Popularity: 72

Author: Eduard Kovacs

Keywords:

🤖: ""Vulnerable VMs""

VMware has patched three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that can be exploited to execute arbitrary code on the host from the guest operating system. The critical flaw, tracked as CVE-2020-3947, is caused by a use-after-free bug in the vmnetdhcp component. read more

...more

Flaw in WordPress Themes Plugin Allowed Hackers to Become Site Admin

Published: 2020-02-17 15:44:34

Popularity: 41

Author: Eduard Kovacs

Keywords:

🤖: ""Security breach""

A serious vulnerability found in a WordPress themes plugin with over 200,000 active installations can be exploited to wipe a website’s database and gain administrator access to the site. read more

...more

Researchers Disclose Another SIM Card Attack Possibly Impacting Millions

Published: 2019-09-27 11:33:27

Popularity: 76

Author: Eduard Kovacs

Keywords:

A new variant of a recently disclosed SIM card attack method could expose millions of mobile phones to remote hacking, researchers have warned. read more

...more

Vulnerability Patched in Firefox Password Manager

Published: 2019-08-15 18:04:13

Popularity: 38

Author: Eduard Kovacs

Keywords:

Identity & Access

🤖: "Browser blues"

The latest update released by Mozilla for Firefox patches a vulnerability that can be exploited to bypass the master password of the built-in password manager and obtain stored passwords. read more

...more

Vulnerabilities Expose BD Infusion Therapy Devices to Attacks

Published: 2019-06-14 14:16:23

Popularity: 51

Author: Eduard Kovacs

Keywords:

IoT Security

🤖: ""Infusion hack""

CyberMDX, a research and analysis company specializing in medical device security, on Thursday revealed that its employees identified two serious vulnerabilities in infusion therapy products from medical technology firm BD. read more

...more

Intel MDS Vulnerabilities: What You Need to Know

Published: 2019-05-15 14:29:55

Popularity: 64

Author: Eduard Kovacs

Keywords: