Tag

vulnerability

vulnerability page 2

phising email phishing anti phishing phishing solutions

Critical and Vulnerable Phishing Kits Found on GitHub

Many phishing kits come with web app vulnerabilities that could expose the servers used for their deployment to new attacks which could lead to full server take over. Phishing kits are packages of ready to deploy fake login pages targeting a wide range of online services, ranging from Gmail and Amazon to Microsoft and PayPal....
Continue Reading
Data breach

Unprotected Evite website containing customers’ data exposed in a data leak

A social planning and e-invitations service company named Evite detected a security breach when anunauthorized party acquired an inactive data storage file associated with the firm’s user accounts last April 15, 2019. This storage file contains customer’s information which includes names, usernames, email addresses, passwords, dates of birth, phone numbers, and mailing addresses.   Among...
Continue Reading
Malware and Adware Attacks Using WP Plugins

Malware and Adware Attacks Using WP Plugins

With each passing day, cases of WordPress infection that redirects visitors to suspicious pages is getting common.  Recently, a vulnerability was discovered in tag Div Themes and Ultimate Member Plugins. In this WordPress redirect hack visitors to your website are redirected to phishing or malicious pages.   In this hack, users, when redirected, are taken...
Continue Reading
WordPress Yuzo Plugin Becomes Scamming Tool

WordPress Yuzo Plugin Becomes Scamming Tool

The Yuzo Related Posts plugin, which is installed on over 60,000 websites, was removed from the WordPress.org plugin directory on March 30, 2019 after an unpatched vulnerability was publicly, and irresponsibly, disclosed by a security researcher that same day.   The vulnerability, which allows stored cross-site scripting (XSS), is now being exploited in the wild....
Continue Reading
Rowhammer attack

New variant of Rowhammer attack risking danger for possible data leak

International academic researchers discovered a new variant of the Rowhammer attack,which they named asRAMBleed,that can be performed even if a system is patched against Rowhammer. The unfamiliar attack of this RAMBleed is that it targets devices to steal information, contrary to other Rowhammer attacks that alter existing data or elevate an attacker’s privileges. As many...
Continue Reading
anti malware

Even the NSA is urging Windows users to patch BlueKeep

Summary Security vulnerability that was discovered in Microsoft’s Remote Desktop Protocol (RDP), that allow for the possibility of remote code execution via BlueKeep. NSA urges to update their system to prevent a re-run of attacks coincide 2017 ransomware outbreaks. Analysis A wormableremote code execution vulnerability first found in the wild on May 14,2019 with CVE-2019-0708,...
Continue Reading
phishing sites

FBI warns users to be wary of phishing sites abusing HTTPS

Summary HTTPS green padlock symbol may no longer indicate secured connection.   Analysis on phishing sites There has been a steady increase in threat actors’ use of SSL certificates to add an air of legitimacy to malicious websites. Since 2017 almost a third of phishing sites had SSL certificates, meaning their URLs began with HTTPS://...
Continue Reading
Hackers Can Utilize Hardware Vulnerability of Chips to Perform Remote Attacks

Hackers Can Utilize Hardware Vulnerability of Chips to Perform Remote Attacks

Qualcomm chipsets are generally the processor of choice for many smartphone users, owing to the firm’s powerful graphics hardware and developer-friendly nature. It’s not immune to security flaws though, and its latest vulnerability is a big one.   Security researchers discovered the flaw last year, allowing cyber-criminals to gain private data and security keys in...
Continue Reading
Sony smart TVs

Sony SMART TVs Expose WiFi Passwords

Security vulnerabilities in Android-based Sony smart TVs allow attackers to access WiFi Passwords and the images stored on the devices.   The vulnerability resides in the Photo Sharing Plus which allows users to upload photos to Sony Smart TV through a smartphone. It affects not only the TV’s used at the home but also the...
Continue Reading
Wireless Chipsets Affects Billions of Devices

Critical Bug in Well-known Wireless Chipsets Affects Billions of Devices

ThreadX is a real-time operating system (RTOS) developed by Express Logic, capable of running in a rich set of different platforms and devices. It is actually the most deployed RTOS, with over 6.2 billion deployments, including IoT (Internet of Things) devices, modems, laptops such as Samsung Chromebooks and Microsoft Surface, and even gaming consoles like...
Continue Reading
1 2 3