Currently Browsing: Hacking News

Read More
Hacking News

Vulnerabilities In ENC DataVault Software Impact Multiple Storage Devices

January 4, 2022

Numerous vulnerabilities in the encryption software ‘ENC DataVault’ indirectly impacted the security of storage devices. These include some famous names like Lexar,…

Read More
Hacking News

New iLOBleed Rootkit Targets HP Integrated Lights-Out

January 3, 2022

Researchers have found a new malware targeting HP Integrated Lights-Out (iLO) devices. Dubbed iLOBleed, the rootkit is already running active campaigns targeting…

Read More
Hacking News

Researchers Demonstrate Malware Attacks On Hidden (OP) SSD Area

January 1, 2022

Storage devices, particularly SSDs, have hidden areas reserved for optimizing performance. Researchers  have demonstrated how malware attackers can also hide malicious code…

Read More
Hacking News

Researchers Caught Multiple Backdoors In Auerswald VoIP Phone System

December 31, 2021

Security researchers found numerous backdoors in Auerswald VoIP appliances risking users’ security. The vendors patched the flaw with the latest firmware releases….

Read More
Hacking News

LastPass Master Passwords Seemingly Hacked Through Credential Stuffing

December 31, 2021

The popular password manager LastPass has left users baffled after their master passwords were seemingly breached. However, the vendors have denied any…

Read More
Hacking News

Multiple Riskware Apps Flood Samsung’s “Galaxy Store” App Store

December 31, 2021

Heads up, Samsung phone users! Researchers have discovered numerous riskware apps flooding the Samsung app store “Galaxy Store” that Google’s Play Store…

Read More
Hacking News

Apache Releases Log4j 2.17.1 Fixing Another Code Execution Flaw

December 31, 2021

Following the “Log4Shell” mayhem, Apache has released multiple updates to its Log4j library addressing the bugs. Another Log4j update has surfaced online,…

Read More
Hacking News

Vulnerabilities In Garrett Walk-Through Metal Detectors Allow Remote Attacks

December 30, 2021

Researchers from Cisco Talos have elaborated on the security vulnerability they discovered in Garret metal detectors. Garrett is an American firm producing…

Read More
Hacking News

Apple Patched a macOS Gatekeeper Bypass Vulnerability

December 29, 2021

The Cupertino giant has addressed a severe Gatekeeper bypass vulnerability affecting macOS devices. Exploiting the flaw could allow attackers to deploy malicious…

Read More
Hacking News

Code Execution Vulnerabilities Fixed In DaVinci Resolve Video Editor

December 29, 2021

The popular software editor DaVinci Resolve had some serious security vulnerabilities leading to code execution. Following the researchers’ report, the vendors patched…

Read More
Hacking News

Researcher Discovered Site Isolation Bypass In Google Chrome – Bug Fixed

December 28, 2021

A researcher from Google Project Zero Team discovered a site isolation bypass vulnerability affecting the Chrome browser. Google subsequently patched the bug…

Read More
Hacking News

Subdomain Takeover Flaw Affected Flywheel WordPress Hosting Platform

December 28, 2021

A security researcher discovered a serious subdomain takeover vulnerability in the WordPress hosting platform Flywheel. The researcher found it an easily exploitable…

Read More
Hacking News

HackDHS Bug Bounty Program Now Includes Log4j Bug Reports

December 28, 2021

The US Department of Homeland Security has expanded the scope of the HackDHS bug bounty program to include Log4j. Researchers can now…

Read More
Hacking News

US CISA, CrowdStrike Release Free Log4j Scanners

December 28, 2021

As Log4j vulnerability continues to haunt the internet world, more bug scanners have surfaced online to help prevent real-time exploits. Recently, the…

Read More
Hacking News

Fisher-Price Chatter Bluetooth Phone Can Become An Audio Bug

December 28, 2021

Researchers have discovered a severe privacy issue in the Fisher-Price kids’ toy phone. Specifically, the lack of security checks allows turning the…

Read More
Hacking News

Multiple Vulnerabilities Found In Microsoft Teams – Only One Fixed So Far

December 24, 2021

Researchers have discovered at least four different vulnerabilities in the Microsoft Teams link preview feature. However, Microsoft has patched only one of…

Read More
Hacking News

New Log4j Attack Vector Exploits WebSocket To Trigger RCE – Update to Log4j 2.17.0

December 23, 2021

Shedding light on alternative exploit strategies for the chaotic Log4j vulnerability, researchers have devised a new attack vector exploiting WebSocket. Users must…

Read More
Hacking News

An IDOR Bug In Facebook Android Could Expose Page Admins – Patch Deployed

December 22, 2021

A researcher discovered a security vulnerability affecting Meta’s Facebook platform, winning him a hefty bounty. Specifically, an IDOR bug affected the Facebook…

Read More
Hacking News

Wireless Coexistence Attacks Exploit (Systems on a Chip) SoCs

December 21, 2021

Researchers have demonstrated how wireless technologies, such as Bluetooth and WiFi, can lead to coexistence attacks. Such attacks can allow stealth data…

Read More
Hacking News

Google’s OSS-Fuzz Tool Now Detects “Log4Shell” Via Jazzer

December 21, 2021

As the Apache Log4j vulnerability continues to wreak havoc, Google and Code Intelligence have jumped in with mitigations. Specifically, Google has collaborated…

Read More
Hacking News

Apache Releases Third Major Log4j Update To Fix A DoS Flaw

December 21, 2021

Apache has released another update shortly after the second Log4j update addressing a previously “incomplete patch” for the Log4Shell zero-day. This third…

Read More
Hacking News

Meta Expands Facebook Bug Bounty To Include Scraping Bugs

December 18, 2021

As announced recently, Meta (formerly ‘Facebook’) has expanded its bug bounty program to include scraping vulnerabilities. This decision comes amidst the growing…

ajax-loader