Category Archives: Vulnerabilities
WhatsApp Photo Filter Security Flaw
Users should be careful about the pictures they view on WhatsApp. If a user receives a picture from a malicious third party, the picture could be edited in such a way that the app could read sensitive data from the memory of the app. In addition, users should update their apps to get the latest…
Fortinet Vulnerability Allows Firewall Takeovers
A critical security bug in a web application firewall (WAF) platform has been disclosed. It could allow privilege escalation and full device takeover. The bug is an OS command-injection vulnerability in the FortiWeb WAF platform. A patch will be available at the end of the month. FortiWeb is a cybersecurity defense platform…
Vulnerability in Cisco Small Business Switches
Nothing new with these Cisco Small Business Switches. A researcher, Jasper Adriaanse, has identified several vulnerabilities, including ones that have been rated high severity, in Cisco’s Small Business 220 series smart switches. These vulnerabilities were found to impact switches that run firmware versions earlier than 1.2.0.6 and have the web-based management interface enabled which the…
SSL VPN Attacks Up Nearly 2000%
A recent report published by Nuspire outlined what cyber criminals have been up to. SSL VPN attacks have gone up nearly 2000%. Increase in VPN attacks: In Q1 2021, there was a 1,916% increase in attacks against Fortinet’s SSL-VPN and a 1,527% increase in attacks against Pulse Connect Secure VPN. These vulnerabilities allow a threat…
6 In The Wild Exploits Resolved With Windows Patch Tuesday
This Tuesday, Microsoft's Windows Patch Tuesday release delivered a total of 50 patches, including critical patches to mitigate 6 vulnerabilities that are being exploited in the wild. Elevation vulnerabilities are no joke because hackers can log into your system as an administrator and push widespread ransomware. I…
A macOS 0-day vulnerability let hackers take screenshots
A macOS 0-day vulnerability lets hackers take screenshots of your screen. Hackers have been exploiting a vulnerability in fully updated versions of macOS that allows them to take screenshots on infected Macs without having to get permission from the user. However, this attack is finally getting patched with the latest macOS 11.4 update released on May…
VMware vCenter VMSA-2021-0010 Advisory
In this VMware vCenter VMSA-2021-0010 Advisory, VMware vCenter Server updates address remote code execution and authentication vulnerabilities (CVE-2021-21985, CVE-2021-21986). VMware Impacted Products? VMware vCenter Server (vCenter Server) and VMware Cloud Foundation (Cloud Foundation). Who is affected? VMware Security Advisories always list the specific product versions that are affected. In this case it is vCenter Server 6.5,…
Lost your iPhone? Someone can use Checkm8 and Checkra1n to jailbreak it.
If you lost your iPhone, you should be worried. Someone can hack into it with free software called Checkm8 and Checkra1n to jailbreak it. Essentially, they would be able to hack into your phone and bypass any security you have in place. Why should we care about Checkm8? The Checkm8 vulnerability works on 11 generations…
Jetty Vulnerability using Invalid Large TLS Frame causes 100% CPU Usage
This Jetty vulnerability should be considered a service availability issue. When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. The following packages have been upgraded to a…
Three Linux vulnerabilities provided root access to hackers since 2006
Three Linux vulnerabilities in the iSCSI module, which is used for accessing shared data storage, provided root access to hackers since 2006. This flaw could allow root access to any hacker with a user account. The three vulnerabilities – CVE-2021-27363, CVE-2021-27364 and CVE-2021-27365 – had been in the Linux code since 2006, going unnoticed until the researchers…