Saturday, June 12, 2021

Malware and Vulnerabilities

An error of coding results attacker will delete a live video of Facebook

Facebook has solved the problem of Programming errors on live video services that allow attackers to successfully remove video without the user's permission. On April 17, security researcher Ahmad Talahmeh published a statement outlining how the threat works, as well...

NSA Discovers new critical vulnerabilities in Exchange Servers

The National Security Agency on Tuesday said it had warned Microsoft of several serious problems that criminals could use to hack the Exchange Server email system remotely. Microsoft today released a series of Server Security updates that address a range...

Apple developers targeted by EggShell Backdoor

Xcode malicious projects are used to hijack developer systems and distribute EggShell custom backdoors. The malware, called XcodeSpy, is targeted by Xcode, an integrated development platform (IDE) used in macOS for Apple's software development. According to a study published by Sentinel...

Apple releases a patch for a security flaw found by researchers at Google and Microsoft

Apple releases fix for a bug that could affect iPhone, iPad, and Mac which could lead to arbitrary code execution by visiting malicious web content. Like most bugs, this is a memory-related bug and affects WebKit, the browser behind Safari...

Salt Project patched a privilege escalation bug impacting SaltStack Salt minions

The Salt Project has patched a privilege escalation bug impacting SaltStack Salt minions that could be used during a wider exploit chain.  The vulnerability, CVE-2020-28243, is described as a privilege escalation bug impacting SaltStack Salt minions allowing "an unprivileged user to...

IBM has issued security patches to fix high- and medium-severity bugs

IBM has issued security patches to fix high- and medium-severity bugs affecting large business software solutions. The worst bugs could lead to malicious code execution and application crashes. This week, the tech giant published a set of security tips laying out...

Cyber Criminals Exploit zero-day vulnerability in FTA servers for Data Theft and Extortion

Cybersecurity company FireEye said today cybercriminal gang known as FIN11 performed a zero-day attack on Accellion FTA servers that hit 100 companies worldwide in December 2020 and January 2021. During the attack, hackers used four security bugs to attack FTA...

Python release quick updates to Fix remote code vulnerabilities

The Python Software Foundation (PSF) has rapidly launched Python 3.9.2 and 3.8.8 to address two significant security breaches, including one that is exploited remotely but with active terms that can only be used to hack an offline machine. The PSF...

Bug in a shared SDK may allow attackers to join calls undetected across multiple apps

A small library that provides audio and video call capabilities contain a bug that allows attackers to join audio and video calls without being detected. The bug - detected by security company McAfee and tracked as CVE-2020-25605 - affects the...

Google patches Chrome zero-day vulnerability exploited in the wild

Google has released today Stable version 88.0.4324.150 of the Chrome browser for Windows, Mac, and Linux. Today's release contains only one bug fix for a Chrome zero-day vulnerability that was exploited in the wild. "Google is aware of reports that...

Latest News

An error of coding results attacker will delete a live video of Facebook

Facebook has solved the problem of Programming errors on live video services that allow attackers to successfully remove video...

What is a Cyber Attack or Virtual Attack

Firstly We Wil Discuss About Cyberattack or we will also say virtual attack. A Cyberattack is a type of attack that will be done...

Firefox 88 start disabling FTP with removal set for Firefox 90

Firefox 88 update has disabled File Transfer Protocol (FTP) support completely from the browser. The handling of clicking on FTP links from within Firefox...

Google Project Zero giving The 30-day grace period for user patch adoption

Google Project Zero will be shifting from a fairly hard 90-day deadline to a new model that incorporates a new 30-day grace period to...

Parking app ParkMobile experiences data breach of 21M Users

The popular mobile app that drivers use to pay and find available public parking in Pittsburgh and in other cities experienced a data breach...