Vulnerabilities

VULNERABILITIES

Bounty worth Rs 22 Lakh for a bug in Azure cloud systems

4 years ago

Bug bounty hunters are cybersecurity professionals or researchers who explore the web and find and fix bugs. They scan systems searching for vulnerabilities or flaws that hackers might use to sneak in and inform the companies about them. Aditi Singh, a 20-year-old ethical hacker from Delhi, is one such bounty... Read more

Bug bounty hunters are cybersecurity professionals or researchers who explore the web and find and... Read more

VULNERABILITIES

Major websites down due to Fastly config error

4 years ago

Thousands of websites, including government portals, news, and social media sites, stopped responding on Tuesday, June 8, 2021, after a massive outage. Other high-traffic sites included Reddit, Amazon, CNN, PayPal, Spotify, Al Jazeera Media Network, and the New York Times also went down owing to the error. They... Read more

Thousands of websites, including government portals, news, and social media sites, stopped responding on Tuesday,... Read more

VULNERABILITIES

FBI reveals how they got access to San Bernardino’s iPhone

4 years ago

In 2015, following the shooting of San Bernardino, his iPhone was found and the FBI believed it may have some crucial details of their interest. When they couldn’t break into the phone, they turned to Apple for help which Apple refused. Apple said the FBI wanted a backdoor tool which... Read more

In 2015, following the shooting of San Bernardino, his iPhone was found and the FBI... Read more

VULNERABILITIES

Cyberpunk 2077 bug allows remote code execution

4 years ago

CD Projekt Red is warning its Cyberpunk 2077 users to be careful while using mods in the games. A recent discovery by Red Tools mod team member PixelRickyRick and Reddit user Romulus_Is_Here highlighted the bug in a DLL file that could be used to execute malicious code through buffer overflow... Read more

CD Projekt Red is warning its Cyberpunk 2077 users to be careful while using mods... Read more

VULNERABILITIES

Verifone and Ingenico—security issues and vulnerabilities in POS terminals

5 years ago

Security vulnerabilities were discovered in two leading manufacturers of point-of-sale terminals technology, Verifone and Ingenico, making it open to various cyber-attacks. They were discovered by researcher Aleksei Stennikov and Timur Yunusov, head of offensive security research at Cyber R&D Lab, during a presentation at Black Hat Europe 2020. A point-of-sale... Read more

Security vulnerabilities were discovered in two leading manufacturers of point-of-sale terminals technology, Verifone and Ingenico,... Read more

VULNERABILITIES

Malicious npm package caught trying to steal sensitive Discord and browser files

5 years ago

The Node Packet Manager (npm) security team has removed a malicious JS library named “fallguys” that claimed to provide an interface to the “Fall Guys: Ultimate Knockout” game API. The malicious package present in the library would get executed whenever developers installed and ran the “fallguys” library in their code.... Read more

The Node Packet Manager (npm) security team has removed a malicious JS library named “fallguys”... Read more

VULNERABILITIES

Vulnerabilities in WordPress Quiz and Survey plugin patched

5 years ago

The ‘Quiz and Survey Master’ plugin installed in over 30,000 WordPress websites has patched two critical vulnerabilities that allowed attackers to launch varying attacks on websites. Researchers discovered the flaws at Wordfence - an arbitrary file upload vulnerability ranked ten on ten on the Common Vulnerability Scoring System (CVSS scale).... Read more

The ‘Quiz and Survey Master’ plugin installed in over 30,000 WordPress websites has patched two... Read more

VULNERABILITIES

DoT's own websites still running without security audits amid rising cyber attacks

5 years ago

Telecom Departments security audit wing asked all web portals and sites under it to submit security certification immediately or face action, eight months after the deadline to submit security audit certifications. In October 2019, The security audit wing of DoT said in a circular, " they observed the data ex-filtration... Read more

Telecom Departments security audit wing asked all web portals and sites under it to submit... Read more

VULNERABILITIES

New BlackRock Android Malware can steal passwords and card data from 337 apps

5 years ago

A new Android malware named BlackRock emerged in late May this year and was identified by a mobile security firm ThreadFabric. Researchers say that this malware is based on the source code of another malware named Xerxes. The malware has been additionally equipped to enhance its credit card and password... Read more

A new Android malware named BlackRock emerged in late May this year and was identified... Read more