Category Archives: Vulnerabilities
New UEFI Bootkit called MoonBounce
Researchers have discovered a sophisticated new type of malware that targets UEFI and its called MoonBounce. The Bootkit or also known as rootkit malware is suspected to be associated with (advanced persistent threat 41). APT41 is a group of hackers … Read the rest
SSRF Vulnerability In VMware Authentication
Researchers have found that VMware has a server-side request forgery (SSRF) vulnerability could allow an attacker to obtain administrative JSON Web Tokens (JWT) in versions of the VMware authentication software.
This serious security vulnerability was found in a popular service … Read the rest
Microsoft Warns Log4j Flaw Attacks Remain High
Microsoft has warned that Windows and Azure customers should be on high alert after spotting state-sponsored and cyber-criminal hackers probing systems for a flaw in the Log4j. Microsoft says it spotted attackers using the Log4j flaw through December.
The Apache … Read the rest
Windows Zero-Day Allows Privileged File Access
Hashthemes Demo Importer WordPress Plugin Vulnerability
The Hashthemes Demo Importer and is found in more than 8,000 blogs, according to researchers at Wordfence. It’s a high-severity security flaw. This WordPress plugin is designed to import demo content from HashThemes.com. However, it’s possible for subscribers to use … Read the rest
Google Chrome Releases Two Zero Day Patches
Apple users to update immediately. Apple Zero-Click Exploit
The Citizen Lab has discovered a zero-click zero-day flaw in all Apple products. The new zero-day flaw is called ForcedEntry, and it affects iPhones, iPads, Macs, Apple Watches, and even AirPods. Citizen Lab urges all Apple users to update their … Read the rest
Microsoft Office 0-day Vulnerability
On Tuesday, Microsoft revealed an alarming vulnerability in Internet Explorer, a bug that is being used to harm Windows users. The attack is enabled by a weaponized Office file and works like this: A victim receives an email with a … Read the rest
WhatsApp Photo Filter Security Flaw
Users should be careful about the pictures they view on WhatsApp. If a user receives a picture from a malicious third party, the picture could be edited in such a way that the app could read sensitive data from the … Read the rest
Fortinet Vulnerability Allows Firewall Takeovers
A critical security bug in a web application firewall (WAF) platform has been disclosed. It could allow privilege escalation and full device takeover. The bug, in the FortiWeb platform, is found in a WAF OS command-injection vulnerability. A patch will … Read the rest
Loading ...