Patrick Domingues

There is a critical vulnerability in the WordPress plugin called Simple Social Buttons. The vulnerability can be used to enable a non-admin user to modify your WordPress installation and allow them to take over your website. So what is the issue here? The researchers with WebARX stated on Monday (2-11-19) that the vulnerability results from…

Read More

Remote Desktop Protocol has plenty of code-execution flaws in both open-source RDP and Microsoft’s RDP client. This makes it possible for a malicious hackers to infect a client computer and then allow them to intrude into the IT network as a whole. What IS RDP? Remote Desktop Protocol (RDP) is a proprietary protocol developed by…

Read More

A new malware campaign has been found containing a new Backdoor Trojan called SpeakUp and they are targeting Linux Servers and MacOS by exploiting vulnerabilities in their systems.  Check Point researchers stated that the malware campaign attacks Linux servers from all over the world using the CVE-2018-20062 ThinkPHP remote code execution vulnerability as an initial infection vector….

Read More

Apple has disabled the Group FaceTime software temporarily due to a software bug that allows other iOS users to listen in on private conversations without any notification to reject or accept a call. The bug is believed to impact any pair of devices running iOS 12.1 or later, according to reports. Security Experts – like Eva…

Read More

The Department of Homeland Security states that some agencies are being targeted by specific attacks that modify the Domain Name System Records, which critical function of the processes to locate websites. DHS issued an emergency statement giving government agencies 10 days to verify that their DNS records are accurate. There has been a series of incidents where…

Read More

MySQL has released a security statement providing the following information: The LOAD DATA statement can load a file located on the server host, or, if the LOCAL keyword is specified, on the client host. There are two potential security issues with the LOCALversion of LOAD DATA: The transfer of the file from the client host to the server host is initiated…

Read More

This Critical Cisco vulnerability affects the following: Cisco Small Business 200 Series Smart Switches, 250 Series Smart Switches, 300 Series Managed Switches, 350 Series Managed Switches, Cisco 350X Series Stackable Managed Switches, 500 Series Stackable Managed Switches and 550X Series Stackable Managed Switches. The vulnerability (CVE-2018-15439), which has a critical base severity rating of 9.8 because…

Read More

Looks like there was a single sign-on vulnerability with Fortnite that could have had hackers break into millions of accounts and steal their virtual assets. On Wednesday the researchers at Check Point found the vulnerability which is tied to the way the single-sign-on (SSO) works between PlayStation Network, Xbox Live, Nintendo, Facebook and Google and the Epic Games…

Read More

Independent researcher and bug-hunter Paulos Yibelo has identified four vulnerabilities at the web-hosting platform Bluehost and was found to contain multiple account takeover and information leak vulnerabilities. one of which is a “High” severity information leak through CORS misconfigurations that could allow attackers to steal personally identifiable information, partial payment details and tokens which can…

Read More

Hacker Group TA505 are cyber criminals through and through, they are the bunch that brought you the Locky Ransomware.  TA505 have decided to go after more US companies so get ready for more phishing attacks.  These phishing attacks will be tailored specifically to their targets so watch out for tricky emails containing attachments like word…

Read More