Vulnerabilities (Page 229)

CSRF Bug in Verizon’s API Left My FiOS Accounts Open to Attacks

On: January 11, 2016

API used a simple authentication scheme, exposing users to CSRF attacks that allowed third-parties to hijack accounts. Verizon fixed an issue in its My FiOS REST API that would haveRead More →

Uncooperative Russian ISP Prevents Cisco from Shutting Down Cybercriminal Gang

On: January 9, 2016

In: Incidents, Vulnerabilities

Russian ISP Eurobyte fails to answer Cisco’s emails, allows malvertising campaign to go on undisturbed. Cisco’s Talos research team has managed to identify and partially shut down a cyber-criminal group thatRead More →

GM embraces white-hat hackers with public vulnerability disclosure program

On: January 9, 2016

In: Vulnerabilities

First major automaker (aside from Tesla) to issue guidelines promising not to sue researchers. On January 5, General Motors quietly flipped the switch on Detroit’s first public security vulnerability disclosureRead More →

Remote Exploitation of Microsoft Office DLL Hijacking (MS15-132) via Browsers

On: January 7, 2016

In: Important, Vulnerabilities

A number of weeks back, security researcher Parvez Anwar posted a number of DLL hijacking vulnerabilities within Microsoft Office on Twitter [1]. The following week, Microsoft released MS15-132, which addressedRead More →

Drupal Update Process Flawed by Multiple Bugs, Attackers Can Take Over Sites

On: January 7, 2016

In: Vulnerabilities

IOActive’s Fernando Arnaboldi has sounded the alarm on three major flaws in Drupal’s update process that may allow attackers to poison Drupal installations via update packages and in worst caseRead More →

Severe Silent Circle Blackphone vulnerability lets hackers take over

On: January 7, 2016

In: Mobile Security, Vulnerabilities

The security-focused smartphone contained vulnerabilities which allow hackers to control the device’s modem and call functions. Researchers have revealed a severe vulnerability in Silent Circle’s Blackphone which could allow attackers toRead More →

Zerodium Offers $100K for Adobe Flash Heap Isolation Bypasses

On: January 6, 2016

In: Vulnerabilities

Despite calls to eliminate Adobe Flash Player, researchers inside and outside the vendor continue to invest in and build mitigations against modern attacks. As recently as three weeks ago, AdobeRead More →

DLL Hijacking Tutorial

On: January 2, 2016

In: Important, Vulnerabilities

Dll hijacking is a vulnerability that is caused by a misbehavior practiced by all versions of Windows.Many people believe that is a feature and not a bug because it wasRead More →

Backspace Flaw Enables Linux Zero-Day Attack

On: December 31, 2015

In: Important, Vulnerabilities

Researchers last week revealed a zero-day flaw that lets attackers take over a Linux system by pressing the backspace key repeatedly. Pressing backspace 17 to 20 times will overwrite theRead More →

CVE-2015-8562 – 16,000 Daily Attacks on vulnerable Joomla servers

On: December 29, 2015

In: Vulnerabilities

Experts at Symantec discovered that hackers quickly take advantage of CVE-2015-8562 remote code execution to compromise Joomla servers. Joomla recently patched the CVE-2015-8562 vulnerability that could be exploited by attackers forRead More →

Vulnerabilities (Page 229)

CSRF Bug in Verizon’s API Left My FiOS Accounts Open to Attacks

Uncooperative Russian ISP Prevents Cisco from Shutting Down Cybercriminal Gang

GM embraces white-hat hackers with public vulnerability disclosure program

Remote Exploitation of Microsoft Office DLL Hijacking (MS15-132) via Browsers

Drupal Update Process Flawed by Multiple Bugs, Attackers Can Take Over Sites

Severe Silent Circle Blackphone vulnerability lets hackers take over

Zerodium Offers $100K for Adobe Flash Heap Isolation Bypasses

DLL Hijacking Tutorial

Backspace Flaw Enables Linux Zero-Day Attack

CVE-2015-8562 – 16,000 Daily Attacks on vulnerable Joomla servers

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

MFA? Irrelevant. CitrixBleed 2 Lets Hackers Take Over Without Logging In

MotW Bypassed: Zero Warning, Full Control – New WinRAR Flaw Silently Bypasses Windows Security

New Vulnerability in GCP Cloud Run Shows Why Least Privilege Isn’t Enough

Hackers Can Manipulate Your Heart Rate Monitor – Unbelievable Security Flaw!

FortiGate Firewalls Zero-Day Chaos: How Hackers Are Gaining Control of Firewalls Worldwide – Is Your Network at Risk?

Phishing 2.0: AI Tools Now Build Fake Login Pages That Fool Even Experts

How TokenBreak Technique Hacks OpenAI, Anthropic, and Gemini AI Filters — Step-by-Step Tutorial

Comparing Top 8 AI Code Assistants: Productivity Miracle or Security Nightmare. Can You Patent AI Code Based App?

No Login Required: How Hackers Hijack Your System with Just One Keystroke: utilman.exe Exploit Explained

How to Send DKIM-Signed, 100% Legit Phishing Emails — Straight from Google That Bypass Everything

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

How Lynx Ransomware Extorts Millions from U.S. Companies

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]