Last week saw a release of security updates by Drupal’s team for their Content Management System (CMS) to patch a Double-Extension vulnerability – CVE-2020-13671. The vulnerability has been marked ‘Critical’ and can be exploited by attackers leading them to even…
Data breach at global cosmetic brand “Avon” leading to a major cybersecurity vulnerability
Avon, a world-renowned cosmetics brand, has reported a critical breach of data found on its web server. This was exposed publicly without any encryption or password protection. The discovered vulnerability is found operative to anyone who possesses the…
Major vulnerabilities patched by VMware for their ESXi Hypervisor & SD-WAN Orchestrator
Multiple vulnerabilities have recently come to light in VMware’s ESXi Hypervisor and the SD-WAN Orchestrator. The company has patched these vulnerabilities & released updates for the same. Two critical vulnerabilities were reported in the ESXi Hypervisor of VMware. Besides this, six…
DNS Cache Poisoning returns worse than 2008
Not all sequels are good! Especially if the sequel is one of the most severe cybersecurity threats of all time. Researchers have recently discovered that the DNS Cache Poisoning attack is back from the dead and can cause damage to…
Critical Facebook Security: Your calls are being listened to even before you pick them up!
A critical security vulnerability in Facebook’s globally installed Messenger application has been patched. It enabled any remote hacker to call unsuspecting targets and begin listening to them even before the call was received. …
South Korea threatened by Lazarus group attacking safety of + supply-chain
ESET on Monday confirmed the reports of the Lazarus APT group deploying malware in South Korea. Lazarus, also known as Hidden Cobra, is a North Korea-linked group that has time & again targeted various victims in South Korea. This time,…
macOS Big Sur launches its first update 11.0.1 that fixes 60 vulnerabilities
Along with the official release of macOS Big Sur 11.0 on the 12th of November, Apple also released an update for it, version 11.0.1. Though it comes preinstalled on certain Mac models, it might not be there on others.…
Acute Fissures RCE in Cisco Security Manager
Cisco has posted a couple of safety advisories regarding some major defects in Cisco Security Manager (CSM), a week after the networking device maker stealthily launched the patches with version 4.22 of the platform. The improvement comes after Code…
IoT Botnet Muhstik becomes a threat for Cloud Servers
The ever-strengthening IoT botnet has another threat up its sleeve. It is Muhstik, the 2-year-old botnet that can target cloud infrastructures by wrongfully using web application exploits. This botnet mines cryptocurrency by a DDoS attack, XMRig & cgmining. Recently, it…
ENISA releases IoT Security Guidelines for Product Development
A set of IoT Security guidelines was recently released by the European Union Agency for Cybersecurity (ENISA). These guidelines are based on a thorough deep & give insights into securing the supply chain for IoT. Everything from hardware, software &…