Malware and Vulnerabilities

Nvidia releases security update for high-severity flaws affecting Windows, Linux devices

Nvidia releases security update for high-severity flaws affecting Windows, Linux devices

NVIDIA has released security updates to address six security vulnerabilities found in Windows and Linux GPU screen drivers, as well as ten additional flaws affecting the NVIDIA Virtual GPU (vGPU) management software. Released on Thursday, the technology giant said the patches deal with issues which”may lead to denial of support, escalation of privileges, data tampering, …

Nvidia releases security update for high-severity flaws affecting Windows, Linux devices Read More »

Firefox, Chrome, Edge Bugs Allows Remote System Hijacking

Firefox, Chrome, Edge Bugs Allows Remote System Hijacking

Major browsers get an upgrade to fix individual bugs which allow for remote attacks, which could potentially allow hackers to take over targeted devices. Makers of the Chrome, Firefox, and Edge browsers are urging users to patch critical vulnerabilities that should be used to enable hackers to hijack systems running the program. The Mozilla Firefox …

Firefox, Chrome, Edge Bugs Allows Remote System Hijacking Read More »

Backdoor accounts found in More than 100,000 Zyxel firewalls, VPN gateways

Backdoor accounts found in More than 100,000 Zyxel firewalls, VPN gateways

Dutch cybersecurity researchers have discovered a backdoor account in 100,000 networking devices manufactured by Zyxel, which may grant hackers accessibility to all those vulnerable devices and put data at risk. The password and username (zyfwp/PrOw! AN_fXp) was observable in one of those Zyxel firmware binaries. Over 100,000 Zyxel firewalls, VPN gateways, and access point controllers …

Backdoor accounts found in More than 100,000 Zyxel firewalls, VPN gateways Read More »

Chrome and Microsoft Edge Malicious extensions hit 30 lakh Users

Chrome and Microsoft Edge Malicious extensions hit 30 lakh Users

Threat Intelligence researchers from cybersecurity firm Avast have identified malware hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions that may have affected 30 lakh users worldwide. Three million Google Chrome and Microsoft Edge users could be at risk of data theft and phishing after researchers discovered malware hidden in multiple browser …

Chrome and Microsoft Edge Malicious extensions hit 30 lakh Users Read More »

Adobe security update squashes critical vulnerabilities in Lightroom, Prelude

Adobe security update squashes critical vulnerabilities in Lightroom, Prelude

Adobe’s final key patch around 2020 has coped with random code and JavaScript implementation bugs. Adobe’s past scheduled security update of this year has solved critical vulnerabilities from Lightroom, Prelude, and Expertise Supervisor. The initial fix was issued for Adobe Lightroom, a picture editing software that’s popular with professional photographers. Impacting Lightroom Classic version 10.0 …

Adobe security update squashes critical vulnerabilities in Lightroom, Prelude Read More »

Amnesia:33 vulnerabilities Impact Countless Industrial and Smart Devices

Amnesia:33 vulnerabilities Impact Countless Industrial and Smart Devices

Security researchers have identified 33 security defects in four accessible TCP/IP piles used across a broad selection of intelligent products. Security researchers have revealed now 33 security defects in four accessible TCP/IP libraries now used within the firmware of merchandise from over 150 vendors. Forescout researchers estimate that countless customer and industrial-grade apparatus are impacted …

Amnesia:33 vulnerabilities Impact Countless Industrial and Smart Devices Read More »

I made this 'magic' iPhone Wi-Fi hack in my bedroom, imagine what others could do: Google researcher

I made this ‘magic’ iPhone Wi-Fi hack in my bedroom, imagine what others could do: Google researcher

Do not assume there is not somebody out there who is willing and ready to discover the ideal bug to hack on your smartphone, warns Google Project Zero researcher. A Google Project Zero (GPZ) insect hunter that specializes in iPhone safety has shown a horrible bug in iOS that enabled an attacker inside Wi-Fi range …

I made this ‘magic’ iPhone Wi-Fi hack in my bedroom, imagine what others could do: Google researcher Read More »

This software flaw Has Been used to break into Networks, so update Quickly

This software flaw Has Been used to break into Networks, so update Quickly

A vulnerability in MobileIron mobile device management applications is used by state-backed hackers and organized crime warns the safety bureau. State-backed hackers and criminal gangs are now actively utilizing a vulnerability in mobile device management (MDM) applications to successfully get access to programs across government, health care, and other businesses. MDM techniques permit system administrators …

This software flaw Has Been used to break into Networks, so update Quickly Read More »

WAPDropper malware abuses Android devices for WAP fraud

WAPDropper malware abuses Android devices for WAP fraud

New WAPDropper malware signals users up to premium services supplied from telecoms from Thailand and Malaysia. Security researchers have discovered a new breed of Android malware has been now dispersed in the wild, mostly targeting users situated in Southeast Asia. Launched by security company Check Point, this malware is called WAPDropper and is now spread …

WAPDropper malware abuses Android devices for WAP fraud Read More »

TikTok patches reflected XSS bug, one-click account takeover exploit

TikTok patches reflected XSS bug, one-click account takeover exploit

TikTok has patched a reflected XSS security defect along with a bug leading into account takeover affecting the company’s domain. As reported via the Bug bounty platform system HackerOne by writer Muhammed”Milly” Taskiran, the initial exposure relates to a URL parameter about the tiktok.com domain that was not correctly sanitized. While fuzzing the stage, the …

TikTok patches reflected XSS bug, one-click account takeover exploit Read More »