13 Dec 2018

According to a security researcher, the attackers were able to take complete control over the Samsung account by deceiving the user to access a malicious link. However, the vulnerability has been fixed when the researcher reported the issue to Samsung this month. The vulnerability is known as a cross-site request forgery (CSRF) vulnerability and it…

27 Nov 2018

Linux Kernel is impacted by two denial-of-service (DoS) vulnerabilities and the issues affect Linux kernel 4.19.2 and previous versions. This was discovered by researcher Wanpeng Li. The vulnerabilities are rated as Medium severity and are NULL pointer deference issues which can be exploited by a local attacker to activate a DoS condition. The first vulnerability…

22 Nov 2018

The United States Postal Service had a serious security vulnerability which had exposed the data of more than 60 million users to anyone with an USPS.com website account and it was patched. The U.S.P.S. is an independent agency of the American federal government that provides postal service in the United States and is explicitly authorized…

21 Nov 2018

Multiple critical security vulnerabilities have been found in the Atlantis Word Processor which permits remote attackers to execute arbitrary code and take over victim computers. The flaw was discovered by cybersecurity researchers at Cisco Talos. Atlantis Word Processor is an alternative to Microsoft Word and is a fast-loading word processor application in which users can…

20 Nov 2018

Instagram has notified some of its users that their password might have been exposed as plain text due to a security bug and they have patched the issue. The security bug resides in a new feature called “Download Your Data” that permits users to download a copy of their data shared on the social media…

12 Nov 2018

Diagnostic handheld medical devices are normally used by patients for monitoring their health conditions. There are a wide range of medical diagnostic devices produced by Roche for checking the blood glucose levels, blood pressure, etc. But it was recently found that there are multiple flaws in these devices. The ICS-CERT warns patients and the healthcare…

12 Nov 2018

This week, Cisco has addressed multiple security vulnerabilities that had affected various Cisco products. Cisco had patched several critical security flaws that could permit a hacker to remotely attack a system, execute arbitrary commands, or bypass user authentication. In one of the advisories released by Cisco, a QA failure has been addressed. Cisco had mistakenly…

09 Nov 2018

A dangerous vulnerability has been found in the DJI Drone web app which could have permitted the hackers to access user accounts and the sensitive information within it which includes flight records, location, live video camera feed, and photos taken during a flight. The flaw has been discovered by the Cybersecurity researchers at Check Point…

07 Nov 2018

A design flaw in the WordPress permission system used by plugins and a file deletion vulnerability in an eCommerce plugin called WooCommerce can permit the attackers to get complete control over a WordPress site. WooCommerce is a popular WordPress plugin that adds eCommerce functionality to a blog which enables the site owners to host their…

05 Nov 2018

A serious vulnerability has been found in the Intel CPUs that could permit an attacker to steal sensitive protected data such as passwords and cryptographic keys from other processes running in the same CPU core with simultaneous multi-threading feature enabled. The vulnerability dubbed as PortSmash (CVE-2018-5407) is considered to be a dangerous side-channel flaw similar…