Sunday , November 10 2024 3:57 AM
Home / Vulnerabilities

Vulnerabilities

RAMBleed Attack – Flip Bits to Steal Sensitive Data from Computer Memory

A team of cybersecurity researchers yesterday revealed details of a new side-channel attack on dynamic random-access memory (DRAM) that could allow malicious programs installed on a modern system to read sensitive memory data from other processes running on the same hardware. Dubbed RAMBleed and identified as CVE-2019-0174, the new attack is based on …

Read More »

Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor

Linux users, beware! If you haven’t recently updated your Linux operating system, especially the command-line text editor utility, do not even try to view the content of a file using Vim or Neovim. Security researcher Armin Razmjou recently discovered a high-severity arbitrary OS command execution vulnerability (CVE-2019-12735) in Vim and Neovim—two most popular and powerful …

Read More »

Facebook Hacked — 10 Important Updates You Need To Know About

If you also found yourself logged out of Facebook on Friday, you are not alone. Facebook forced more than 90 million users to log out and back into their accounts in response to a massive data breach. On Friday afternoon, the social media giant disclosed that some unknown hackers managed …

Read More »

Reliance Jio Customers’ Data Allegedly Hacked – Company Denies Breach

Personal details of some 120 Million customers have been allegedly exposed on the Internet in probably the biggest breach of personal data ever in India. Last night, an independent website named Magicapk.com went online, offering Reliance Jio customers to search for their identification data (Know Your Customer or KYC) just …

Read More »

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack

A SQL Injection vulnerability has been discovered in one of the most popular WordPress plugins, installed on over 300,000 websites, which could be exploited by hackers to steal databases and possibly hijack the affected sites remotely. The flaw has been discovered in the highly popular WP Statistics plugin, which allows site administrators …

Read More »

WannaCry Kill-Switch(ed)? It’s Not Over! WannaCry 2.0 Ransomware Arrives

If you are following the news, by now you might be aware that a security researcher has activated a “Kill Switch” which apparently stopped the WannaCry ransomware from spreading further. But it’s not true, neither the threat is over yet. However, the kill switch has just slowed down the infection …

Read More »

Protect Against WannaCry: Microsoft Issues Patch for Unsupported Windows

In the wake of the largest ransomware attack in the history that had already infected over 114,000 Windows systems worldwide since last 24 hours, Microsoft just took an unusual step to protect its customers with out-of-date computers. Microsoft has just released an emergency security patch update for all its unsupported …

Read More »

Over 1 Million Google Accounts Hacked by ‘Gooligan’ Android Malware

If you own an Android smartphone, Beware! A new Android malware that has already breached more than 1 Million Google accounts is infecting around 13,000 devices every day. Dubbed Gooligan, the malware roots vulnerable Android devices to steal email addresses and authentication tokens stored on them. With this information in …

Read More »

Cisco finds new Zero-Day Exploit linked to NSA Hackers

Network equipment vendor Cisco is finally warning its customers of another zero-day vulnerability the company discovered in the trove of NSA’s hacking exploits and implants leaked by the group calling itself “The Shadow Brokers.” Last month, the Shadow Brokers published firewall exploits, implants, and hacking tools allegedly stolen from the …

Read More »

Apple issues critical iOS update to thwart ‘Pegasus’ malware

Security researchers have identified a three-headed monster that could be used to record sounds, collect passwords, read text messages, record calls and track users. All iOS versions 9.3.4 and below are vulnerable. The attack utilizes a mobile spyware product, ‘Pegasus,’ created by NSO Group — an Israeli cyber warfare company — designed to attack high-value …

Read More »