CVE-2017-18005 – Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in valu …
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF …
Monthly Archives: December, 2017
CVE-2017-18004 – Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint …
Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to …
CVE-2017-18001 – Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an …
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device’s SSH …
Apple offers batteries for $29
Apple has publically apologized to its customers for slowing older iPhones in order to keep up with declining battery life. After all this …
You are not alone, WhatsApp is down for many
If you are wondering why your WhatsApp is down, don’t worry, you are not alone the messaging service is down for many around the …
This Startup Is Using Blockchain Tech To Rethink Cyber Security In The Bitcoin Era
Paul Puey serves as the CEO of Edge, a cyber security company that empowers individuals to take control of their own online data by …
Communities from Coast to Coast Fight for Control Over Police Surveillance: 2017 in Review
Americans in 2017 lived under a threat of constant surveillance, both online and offline. While the battle to curtail unaccountable and …
Tipping the Scales on HTTPS: 2017 in Review
The movement to encrypt the web reached milestone after milestone in 2017. The web is in the middle of a massive change from non-secure …
Ripple passes Ethereum to become World’s Second-Largest Cryptocurrency
Ripple has overtaken Ethereum as world’s second-largest cryptocurrency. Its XRP token climbed more than 50% on Saturday. …
Nintendo Switch Hacked to Run Pirated Games
There is no doubt about the fact that Nintendo Switch is currently the most sought-after device. However, the device is also prone to be hacked. …
Dreambot Banking Trojan Delivered via Resume-Themed Email
Dreambot banking Trojan which is a variant of Ursnif spreading via resume themed email, it is one of the most active banking trojans.Its …
The Worst Hacks of 2017, from Equifax to Crash Override
2017 was bananas in lots of ways, and cybersecurity was no exception. Whether critical infrastructure attacks or insecure databases, hacks, breaches, and leaks of unprecedented scale impacted …
CVE-2017-17704 – A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2. …
A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569 when used in conjunction with the IP-ACM …
What a Cross-Site Request Forgery Attack Is and How to Prevent It
When you are browsing a website, it is typical for that website to request data from another website on your behalf. For example, in most …
Kozlovsky from Lurk Hacker Group admits that his group involved in creation of WannaCry and DNC hack on Demand
Arrested Hacker Konstantin Kozlovsky from Lurk Hacker group admits that he is one of the Author of WannaCry ransomware and the work was commissioned by intelligence agencies said in an interview to Dozhd TV channel. …
With businesses fumbling, Singapore must take more care in data aspirations
Singapore government has been opening up user data access to ease information exchange and business transactions, but it should observe some caution as major organisations continue to slip up over security. …
Snowden Explains Why Telegram Messenger App is Unsafe
For years, the ex-NSA (National Security Agency) whistleblower Edward Snowden has been raising awareness about so-called secure messaging applications or programs and publically criticised apps like Skype, Google Allo, and Telegram. …
CVE-2016-10704 – Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have …
Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have XSS via e-mail templates that are mishandled …
Browser data leakage bug – Mozilla to delete info just in case
Mozilla published an unexpected security patch this week, bumping Firefox up to version 57.0.3. (You probably weren’t expecting a browser …
CVE-2017-17089 – custom/run.cgi in Webmin before 1.870 allows remote authenticated administrators to conduc …
custom/run.cgi in Webmin before 1.870 allows remote authenticated administrators to conduct XSS attacks via the description field in the …
CVE-2017-14855 – Red Lion HMI panels allow remote attackers to cause a denial of service (software exceptio …
Red Lion HMI panels allow remote attackers to cause a denial of service (software exception) via an HTTP POST request to a long URI that …
Is “Bounty Hunting” The Next High-Paying Freelance Career?
Many software companies offer bounties to anyone who can find glitches their code that could open the door to hacking. But often, it’s …
Victim of Swatting: Police kills Innocent man after Call of Duty gamer prank call
An innocent man was shot dead by a police officer after a Call of Duty gamer pranked authorities into giving fake addresses of a 28-year-old father. …
2018 prediction: The endangered hyperlink
“Hey, send me that link!” You’ll hear that phrase everywhere and in every language around the …
PS4 Jailbreak possible with newly identified exploit
We have always believed gaming consoles to be most well-protected devices but it is about time manufacturers like Sony take notice of …
Google to Improve Security and Privacy of Google Play Apps
Android developers will have to comply with two new requirements if they want their apps to be available on Google Play in the future. …
Trolls, Bots, and Fake News Made 2017 a Terrible Year for Internet Freedom
Think of a country that stifles internet freedom. You might first jump to the oppressive regimes of North Korea, China, or Cuba, where internet access is either forbidden or radically restricted. …
CVE-2017-17997 – In Wireshark 2.2.11 and before, the MRDISC dissector misuses a NULL pointer. This was addr …
In Wireshark 2.2.11 and before, the MRDISC dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-mrdisc.c by …
CVE-2017-17997 – In Wireshark 2.2.11 and before, the MRDISC dissector misuses a NULL pointer. This was addr …
In Wireshark 2.2.11 and before, the MRDISC dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-mrdisc.c by …
CVE-2017-12813 – PHPJabbers File Sharing Script 1.0 has stored XSS in the comments section. …
PHPJabbers File Sharing Script 1.0 has stored XSS in the comments …