Posts

SonicWall VPN Portal Critical Flaw (CVE-2020-5135)

SonicWall VPN Portal Critical Flaw (CVE-2020-5135)

Tripwire VERT has identified a stack-based buffer overflow in SonicWall Network Security Appliance (NSA). The flaw can be triggered by an unauthenticated HTTP request involving a custom protocol handler. The vulnerability exists within the HTTP/HTTPS service used for product management as…

Windows 10 now blocks installation of incorrectly signed drivers

Windows 10 now blocks installation of incorrectly signed drivers

Microsoft will block installation of incorrect third-party drivers for Windows 10 and Windows Server users. According to the plan, this will save you from unnecessary compatibility problems and unexpected bugs. “When installing drivers created by third-party companies, users may see…

Experts turned a TV remote into a spy device

Experts turned a TV remote into a spy device

The researchers modified the firmware of XR11 so that the microphone could be turned on remotely. Guardicore found a number of vulnerabilities in the XR11 remote control for Xfinity subscribers (a subsidiary of U.S. telecommunications corporation Comcast). According to them,…

Malvar downloads peyloads from paste sites

Malvar downloads peyloads from paste sites

Juniper experts identified numerous malicious campaigns that are used to deliver payload paste sites (instead of conventional C&C servers). Thus, hackers hide their malicious code in plain sight and, among other things, save on infrastructure. The researchers write that the…

Cyber spyware uses Windows Error Service in fileless attacks

Cyber spyware uses Windows Error Service in fileless attacks

An unidentified cybercriminal group injects malicious code into a legitimate Windows Error Reporting (WER) service as part of a dangerous fileless attack. This technique helps bypass detection by protective means. Frankly speaking, WER operation is not such a new method,…

You can hack into Mac by jailbreaking for iPhone

You can hack into Mac by jailbreaking for iPhone

According to security researchers, two iPhone jailbreak exploits can hack into Mac and MacBook with the latest Apple T2 security chips. The technique of hacking Apple computers with two iPhone jailbreaks is very complex, and its discussion for several weeks…

Popular sites are infected with skimmers and cryptomainers

Popular sites are infected with skimmers and cryptomainers

According to Palo Alto Networks specialists, malicious activity was detected on some sites with the highest traffic. According to the results of research by Palo Alto Networks specialists, a large number of popular sites from the top 10,000 Alexa ranking…

Weekly vulnerability overview: October 2020

Weekly vulnerability overview: October 2020

Vulnerabilities in Cisco IOS XE software, WordPress plug-ins, FoxRider software etc. were detected. Cisco Systems has fixed several vulnerabilities ( CVE-2020-3141 and CVE-2020-3425 ) in its IOS XE software. Their exploitation allowed the remote attacker to increase privileges on the…

Artificial intelligence has learned to read human thoughts

Artificial intelligence has learned to read human thoughts

Scientists have created a technique by which the computer can track signals from the human brain, as well as simulate visual perception. Thanks to this artificial intelligence has learned to demonstrate previously unknown information, published the journal Scientific Reports. The…

Windows XP source code was probably leaked to the network

Windows XP source code was probably leaked to the network

Source code for several operating systems, including Windows XP and Windows Server 2003, leaked to 4chan as a 42.9 gb torrent file The content of this torrent file includes source code for several older Microsoft operating systems, such as Windows…

Self-destructive photos and videos in WhatsApp on the way

Self-destructive photos and videos in WhatsApp on the way

For several months WhatsApp has been testing the function of sending media files, which should be automatically deleted for all chat participants after the specified timer. The first mention of this innovation appeared in early March. Now, with the release…

Two Bluetooth vulnerabilities

Two Bluetooth vulnerabilities

In the last two weeks it became known about two vulnerabilities in Bluetooth wireless communication standard. First, on September 9th the Bluetooth SIG organization issued a warning about the BLURtooth family of attacks. In theory, the vulnerability in the Bluetooth…

Do NOT follow this link or you will be banned from the site!