Services of Google, including Google Chrome, YouTube Google Drive, and Gmail Sign-in, confronted a mass blackout on Monday (December 14). The blackout went on for around an hour and it influenced Google Chrome clients across the world. During the blackout,…
Latest posts
Security Researcher earns $3,000 Bug Bounty for a CSRF Vulnerability in Glassdoor Sticky
A security expert has procured a bug bounty of $3,000 by accomplishing a webpage wide Cross-Site Request Forgery (CSRF) on employment site Glassdoor. Security researcher circumvents the security defences to alter jobseeker profiles, change manager records, and that’s just the…
Vulnerabilities within the VPN are an Open Invitation for Hackers Sticky
Attackers are spoilt for decision as to the utilization of VPN services floods in the pandemic. With numerous employees yet remote working, the utilization of VPNs has opened a pool of assaults against their users. As indicated by insights, it…
WhatsApp & WhatsApp Business for iOS face high-risk WhatsApp security vulnerabilities Sticky
The older versions of WhatsApp & WhatsApp Business for iOS are facing multiple vulnerabilities. These WhatsApp security vulnerabilities were given a high severity rating. The news came after the Indian Cybersecurity firm CERT-In (Computer Emergency Response Team) has announced a…
NAT Slipstreaming allows attackers to gain access to your TCP/UDP services Sticky
A security researcher, Samy Kamkar has recently revealed a technique capable enough to bypass firewall protection & access any TCP /UDP services of the victim’s machine. The technique Network Address Translation (NAT) Slipstreaming provides a way for attackers to victim…
Google Chrome Fixes Another Zero-Day Vulnerability Amongst 10 Bugs Sticky
Not long after fixing the first zero-day vulnerability, Google Chrome has now fixed another zero-day vulnerability in its system. The vulnerability is tracked as CVE-2020-16009. Google has notified that they know of it being exploited in the wild. Along with…
OpenEMR fixes Security Vulnerabilities For Better Service Sticky
Vulnerabilities have been discovered recently in the popular medical records management portal, OpenEMR. These vulnerabilities if left unattended would have renowned the medical practice management application control to the attackers. Of all the bugs, the one in the Patient Portal…
WordPress Update 2020: WordPress patches 10 security bugs including a high-severity RCE Sticky
WordPress is calling this last WordPress update ‘short-cycle security & maintenance release’ before the critical 5.6 release version of the software. Recently, WordPress released the latest version of its web publishing software, 5.5.2. With it, they have also tackled 10…
Aetna breaches cost them $1 million to be paid to HIPAA Sticky
The healthcare insurance giant Aetna has reached a settlement of $1 million dollars for violating HIPAA regulations. Aetna had been accused of disclosing their customers’ information under three instances of the breach. Besides this, Aetna has time & again violated…
Dridex trojan back in action
Dridex trojan is functional and dynamic once more; it has gotten back to phishing assaults disguising QuickBooks receipts. This continuous phishing effort began on April 19, and it targets clients and users of the bookkeeping software to contaminate their gadgets.…
Linux Malware ‘RotaJakiro’ Went Undetected For Years
In the latest developments, a formerly undetected Linux malware named “RotaJakiro” has been discovered by security researchers which was able to operate under the radar for close to three years. Linux malware staying under the radar: Security Researchers at Quihoo…
Kaspersky found New CIA Malware Cluster- Purple Lambert
Security firm and anti-virus provider Kaspersky recently disclosed the findings of a novel malware cluster called Purple Lambert that was apparently developed by the Central Intelligence Agency (CIA) of the U.S. Kaspersky’s Purple Lambert investigation: According to Kaspersky, back in…
Azure Defender and CISA publish BadAlloc bugs affecting numerous IoT devices
A broad spectrum of security vulnerabilities impacting a multitude of IoT devices have been detected by security researchers at Microsoft’s Azure Defender for IoT research group. Azure Defender finds critical IoT security holes: These could have severe consequences in the…
First Horizon Bank Data Breach Directly Hits Customer Funds
America’s First Horizon Bank has disclosed that they have suffered a data breach attack that compromised the bank’s customers of financial funds. First Horizon Bank customers direct impact point: After filing a report with the Securities and Exchange Commission, First…
Cisco Firepower Threat Defense Deployed Multiple High-Severity Patches
Cisco Firepower Threat Defense software was recently patched up for several vulnerabilities which included high-severity security flaws like DoS attacks and arbitrary code execution. Firepower Threat Defense Vulnerabilities: The Firepower Threat Defense vulnerability tracked as CVE-2021-1448, has been identified as…
Chrome 90 Patched For Critical V8 Bug and other vulnerabilities
Google has recently delivered the Chrome 90 stable channel release (90.0.4430.93) for Windows, Mac, and Linux, to address a V8 vulnerability along with eight other vulnerabilities on Tuesday. High-Severity Chrome 90 RCE vulnerability: The critical V8 vulnerability was reported to…
Babuk Ransomware Hacked Washington DC Police Dept.
In recent developments, the Babuk ransomware has reportedly targeted Washington DC’s Metropolitan Police Department and is said to have hacked into its internal computer networks to gain access to sensitive data. Reportedly, the Babuk ransomware is threatening to expose official,…
Hello ransomware’s combined threat-China Chopper and Microsoft Sharepoint Vulnerability
In recent ransomware developments, security researchers have discovered that the Hello ransomware (or WickrMe ransomware) has been exploiting the Microsoft SharePoint vulnerability to initiate ransomware cyberattacks alongside the China Chopper web shell. Microsoft SharePoint Vulnerability: Back in 2019, Microsoft has…
UK users under a smishing attack by the Flubot
In the recent reports that came from the UK, android mobile device users across the country have been hit by a SMS phishing attack. It occurs via a text message sent on a device, containing a link to a malicious…