VMware has provided detailed instruction on how to mitigate the Meltdown and Spectre vulnerabilities in several of its products. VMware is releasing patches and workarounds for its Virtual Appliance products affected by the Meltdown and Spectre vulnerabilities. The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive […]
The group of hackers known as ‘fail0verflow’ has discovered a vulnerability in the gaming console Nintendo Switch that could be exploited to install a Linux distro. The hackers announced their discovery in a post on Twitter, the published an image of a console running the Debian Linux distro after the hack. đ§đ§đ§đ§ #switch pic.twitter.com/4iTjTk9D59 — fail0verflow (@fail0verflow) […]
Security expert Paulos Yibelo has discovered a vulnerability in Hotspot Shield VPN from AnchorFree that can expose locations of the users. Paulos Yibelo, a security researcher, has discovered a vulnerability that can expose users and locations around the globe compromising their anonymity and privacy. The company has about 500 million users globally. VPN services providers […]
A new PoS malware dubbed UDPoS appeared in the threat landscape and implements a novel and hard to detect technique to steal credit card data from infected systems. The UDPoS malware was spotted by researchers from ForcePoint Labs, it relies upon User Datagram Protocol (UDP) DNS traffic for data exfiltration instead of HTTP that is the protocol used by […]
The source code for Apple iOS iBoot secure bootloader has been leaked to GitHub, now we will try to understand why this component is so important for the iOS architecture. The iBoot is the component loaded in the early stages of the boot sequence and it is tasked with loading the kernel, it is stored in […]
Swisscom data breach – Telco company Swisscom confirmed it has suffered a data breach that affected roughly 800,000 of its customers, roughly 10% of the Swiss population. Swiss telco company Swisscom confirmed it has suffered a data breach that affected roughly 800,000 of its customers, roughly 10% of the Swiss population. According to Swisscom, unauthorized parties gained access to data in […]
The US authorities have dismantled a global cybercrime organization tracked Infraud Organization involved in stealing and selling credit card and personal identity data. The US authorities have taken down a global cybercrime organization, the Justice Department announced indictments for 36 people charged with being part of a crime ring specialized in stealing and selling credit […]
Joomla development team has released the Joomla 3.8.4 that addresses many issues, including an SQL injection bug and three cross-site scripting (XSS) flaws. Joomla development team has released the Joomla 3.8.4 that addresses a large number of issues, including an SQL injection bug and three cross-site scripting (XSS) vulnerabilities. The latest release also includes several improvements. The XSS and SQL injection vulnerabilities have been classified […]
Intel is releasing new firmware updates that should address Spectre vulnerabilities CVE-2017-5715 for Skylake processors. Intel is releasing new firmware updates limited to Skylake processors to address Spectre vulnerabilities, patches for other platforms are expected very soon. The Spectre attack allows user-mode applications to extract information from other processes running on the same system. It can also be exploited […]
Researchers from Princeton University have developed an app called PinME to locate and track smartphone without using GPS. The research team led by Prateek Mittal, assistant professor in Princetonâs Department of Electrical Engineering and PinMe paper co-author developed the PinMe application that mines information stored on smartphones that don’t require permissions for access. The data […]