Services of Google, including Google Chrome, YouTube Google Drive, and Gmail Sign-in, confronted a mass blackout on Monday (December 14). The blackout went on for around an hour and it influenced Google Chrome clients across the world. During the blackout,…
Latest posts
Security Researcher earns $3,000 Bug Bounty for a CSRF Vulnerability in Glassdoor Sticky
A security expert has procured a bug bounty of $3,000 by accomplishing a webpage wide Cross-Site Request Forgery (CSRF) on employment site Glassdoor. Security researcher circumvents the security defences to alter jobseeker profiles, change manager records, and that’s just the…
Vulnerabilities within the VPN are an Open Invitation for Hackers Sticky
Attackers are spoilt for decision as to the utilization of VPN services floods in the pandemic. With numerous employees yet remote working, the utilization of VPNs has opened a pool of assaults against their users. As indicated by insights, it…
WhatsApp & WhatsApp Business for iOS face high-risk WhatsApp security vulnerabilities Sticky
The older versions of WhatsApp & WhatsApp Business for iOS are facing multiple vulnerabilities. These WhatsApp security vulnerabilities were given a high severity rating. The news came after the Indian Cybersecurity firm CERT-In (Computer Emergency Response Team) has announced a…
NAT Slipstreaming allows attackers to gain access to your TCP/UDP services Sticky
A security researcher, Samy Kamkar has recently revealed a technique capable enough to bypass firewall protection & access any TCP /UDP services of the victim’s machine. The technique Network Address Translation (NAT) Slipstreaming provides a way for attackers to victim…
Google Chrome Fixes Another Zero-Day Vulnerability Amongst 10 Bugs Sticky
Not long after fixing the first zero-day vulnerability, Google Chrome has now fixed another zero-day vulnerability in its system. The vulnerability is tracked as CVE-2020-16009. Google has notified that they know of it being exploited in the wild. Along with…
OpenEMR fixes Security Vulnerabilities For Better Service Sticky
Vulnerabilities have been discovered recently in the popular medical records management portal, OpenEMR. These vulnerabilities if left unattended would have renowned the medical practice management application control to the attackers. Of all the bugs, the one in the Patient Portal…
WordPress Update 2020: WordPress patches 10 security bugs including a high-severity RCE Sticky
WordPress is calling this last WordPress update ‘short-cycle security & maintenance release’ before the critical 5.6 release version of the software. Recently, WordPress released the latest version of its web publishing software, 5.5.2. With it, they have also tackled 10…
Aetna breaches cost them $1 million to be paid to HIPAA Sticky
The healthcare insurance giant Aetna has reached a settlement of $1 million dollars for violating HIPAA regulations. Aetna had been accused of disclosing their customers’ information under three instances of the breach. Besides this, Aetna has time & again violated…
HTML smuggling targets Banking industry
Microsoft reported HTML smuggling, which spread via email, had been extensively targeting banking organizations. Microsoft described the attack that surfaced in the early half of this month as “a highly evasive malware delivery technique”. The attack uses genuine HTML5 and…
Zoom vulnerability by Positive Technologies
The U.S-sanctioned Positive Technologies has underscored three vulnerabilities in the zoom, Zoom vulnerability that can be used for crashing or hijacking on-prem parts of the video conferencing system. One of the vulnerabilities is related to input validation which can be…
FBI email system hacked, false cybersecurity alerts sent to thousands
The FBI reported threat actors taking over FBI email system to send thousands of false messages about a “sophisticated chain attack.” Threat intelligence non-profit SpamHaus released information about the attack first. The attack entailed sending false warning emails with the…
MacOS Vulnerability Target Hong Kong
Google researchers have detected a zero-day MacOs vulnerability in operating system. The hackers have targeted Hong Kong websites of a media outlet and pro-democracy labour political group to plant a new backdoor entry in affected machines. Based on our findings,…
GlobalProtect VPN: Zero Day Disclosure
Palo Alto’s network GlobalProtect VPN has a new zero-day vulnerability reported by researchers. The vulnerability allows the hacker to use an unauthenticated network to execute arbitrary code on affected devices with root user privileges. The vulnerability is identified as CVE-2021-3064…
Busybox Linux utility Vulnerabilities uncovered
Cybersecurity researchers discovered 14 critical vulnerabilities in the BusyBox Linux utility. The hackers can exploit the vulnerability for carrying out a denial-of-service (DoS) attack, and in some cases, the vulnerability can lead to information leaks and remote code execution. DevOps…
Robinhood attack exposes millions of customers’ details
Robinhood, the popular investment & trading platform, was recently hacked and fell prey to an extortion attempt. The extorter used their unauthorized access to millions of customers’ email addresses and full names as leverage. The Platform informed about the incident…
Cryptocurrency ATMs and QR codes used for fraud, reports the FBI
Cyberfraud victims are increasingly being asked to pay through Quick Response (QR) code and cryptocurrency ATMs. This makes recovery of payment impossible. The FBI has seen an increase in scammers directing victims to use physical cryptocurrency ATMs and digital QR…
QR codes used for stealing Microsoft credentials and crypto funds
Researchers discovered an email-based phishing scam: emails containing QR codes for pilfering users’ Microsoft details and other data. Between September 15 and October 13, Abnormal reported that it warded off 200 emails that constituted the phishing scam. Hackers tried to…
Israeli researcher identifies more than 3,500 WiFi passwords
Israeli researcher identifies more than 3500 Wifi networks were hacked in Israel Tel Aviv without any difficulty. A total 0f 5000 wifi networks were targeted. The hacking underscored how weak passwords could become an entry point for serious threats to…