Services of Google, including Google Chrome, YouTube Google Drive, and Gmail Sign-in, confronted a mass blackout on Monday (December 14). The blackout went on for around an hour and it influenced Google Chrome clients across the world. During the blackout,…
Latest posts
Security Researcher earns $3,000 Bug Bounty for a CSRF Vulnerability in Glassdoor Sticky
A security expert has procured a bug bounty of $3,000 by accomplishing a webpage wide Cross-Site Request Forgery (CSRF) on employment site Glassdoor. Security researcher circumvents the security defences to alter jobseeker profiles, change manager records, and that’s just the…
Vulnerabilities within the VPN are an Open Invitation for Hackers Sticky
Attackers are spoilt for decision as to the utilization of VPN services floods in the pandemic. With numerous employees yet remote working, the utilization of VPNs has opened a pool of assaults against their users. As indicated by insights, it…
WhatsApp & WhatsApp Business for iOS face high-risk WhatsApp security vulnerabilities Sticky
The older versions of WhatsApp & WhatsApp Business for iOS are facing multiple vulnerabilities. These WhatsApp security vulnerabilities were given a high severity rating. The news came after the Indian Cybersecurity firm CERT-In (Computer Emergency Response Team) has announced a…
NAT Slipstreaming allows attackers to gain access to your TCP/UDP services Sticky
A security researcher, Samy Kamkar has recently revealed a technique capable enough to bypass firewall protection & access any TCP /UDP services of the victim’s machine. The technique Network Address Translation (NAT) Slipstreaming provides a way for attackers to victim…
Google Chrome Fixes Another Zero-Day Vulnerability Amongst 10 Bugs Sticky
Not long after fixing the first zero-day vulnerability, Google Chrome has now fixed another zero-day vulnerability in its system. The vulnerability is tracked as CVE-2020-16009. Google has notified that they know of it being exploited in the wild. Along with…
OpenEMR fixes Security Vulnerabilities For Better Service Sticky
Vulnerabilities have been discovered recently in the popular medical records management portal, OpenEMR. These vulnerabilities if left unattended would have renowned the medical practice management application control to the attackers. Of all the bugs, the one in the Patient Portal…
WordPress Update 2020: WordPress patches 10 security bugs including a high-severity RCE Sticky
WordPress is calling this last WordPress update ‘short-cycle security & maintenance release’ before the critical 5.6 release version of the software. Recently, WordPress released the latest version of its web publishing software, 5.5.2. With it, they have also tackled 10…
Aetna breaches cost them $1 million to be paid to HIPAA Sticky
The healthcare insurance giant Aetna has reached a settlement of $1 million dollars for violating HIPAA regulations. Aetna had been accused of disclosing their customers’ information under three instances of the breach. Besides this, Aetna has time & again violated…
UniCC the largest dark web market for stolen cards, shuts down
The largest dark web marketplace for stolen credit and debit cards, UniCC has stated that it’s shutting down its operations. Since 2013, UniCC has earned $358 million in purchases entailing cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash. “Don’t build…
Critical vulnerability in 3 WordPress Plugins impacts 84,000+ websites
Researchers have uncovered a critical vulnerability plaguing three different WordPress plugins. These plugins can affect more than 84,000 websites and may be exploited by threat actors to take over vulnerable websites. “This flaw made it possible for an attacker to…
Rootkit iLO attacking HP Servers – CyberDaily
An unknown rootkit has been targeting Hewlett-Packard Enterprise’s Integrated Lights-Out (iLO) server management technology. The hackers have used the iLO to rig the firmware modules and obliterate data from the infected systems. Amnpardaz, an Iranian cybersecurity firm, uncovered the vulnerability,…
Crypto Mining attacks use evolved version
A crypto mining campaign, which has been active, has developed its method to avoid detection. The threat actors have evolved their attack method to go undetected, new research today has disclosed. The crypto mining attack campaign was first uncovered in…
Log4j news -Log4j patch releases by Apache
Log4j news – On 28th December 2021, another vulnerability affecting the Log4j logging library was discovered. The vulnerability is labelled CVE-2021-44832. The vulnerability CVE-2021-44832 affects versions 2.17.0 and before. The vulnerability was assumed to be patched, but it wasn’t. The…
‘Double Feature’: researchers dived in tool
Cybersecurity researchers have offered insight into a system known as Double Feature. The system tracks different stages of post-exploitation originating from the DanderSpiriz—a full-featured malware framework deployed by the Equation group. DanderSpirtz was first discovered on April 14, 2017; DanderSpritz…
Web application attacks substantial rise
Imperva Research Lab’s study concluded that web application attacks are rising, on average, by 22% each quarter. The study examined nearly 4.7 million web application incidents. Further, the attacks have increasingly increased from Q2 2021 to Q3 2021— a 67.9% surge.…
Data Breach in West Virginia Hospital
Hackers targeted a hospital system in West Virginia; the attackers used a phishing attack for a data breach from the hospital’s system. Monongalia health system, which also operates Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company, stated…
Vulnerabilities let hackers control directory
Microsoft has pushed users to patch two security vulnerabilities in Active Directory domain controllers that it released in November. Microsoft has become active after a proof-ofo-concept video was made available on December 12. The two vulnerabilities—labeled as CVE-2021-42287— have been…
For selling data, Ukraine arrests 51 people
In a press release, Ukraine police stated that they arrested a 51-member group, for selling data of more than 300 million Americans and Europeans to hackers. Groups like the above are on the rise, and one must go beyond the…