Gatekeeper is a security tool on macOS system designed to ensure that only trusted software to run on the Mac. However, this application authentication feature has a security vulnerability that can be used to...
Dell SupportAssist has again a flaw. Software such as Support Assistant is mainly to help users automatically update drivers or contact technical support. Many manufacturers pre-install this type of software. The software itself has...
The 0-day vulnerability that Firefox just fixed was used to attack Coinbase employees. According to Philip Martin, a member of Coinbase security team, the attacker combination exploited two 0day vulnerabilities, one of which was a...
The Debian project team today released a new security update for Intel microcode firmware to fix the recently disclosed Intel MDS (Microarchitecture Data Sampling) vulnerability. On May 14 this year, Intel disclosed four new...
Recently, security experts from IBM X-Force discovered a remote code execution vulnerability (CVE-2019-7406) in the TP-Link Wi-Fi Extender. The vulnerability could be exploited by an unauthenticated remote attacker by triggering a malformed HTTP request, allowing...
Firefox browser has just pushed a new emergency security update to fix the zero-day vulnerability discovered by Google Project Zero. Mozilla has also confirmed that hackers have begun to exploit this vulnerability in the...
Netflix engineers have discovered multiple TCP network vulnerabilities in the Linux and FreeBSD kernels. Vulnerabilities are related to minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities, the most serious of which is...
Recently, Google disclosed a security vulnerability that has been fixed. This vulnerability is a cross-site scripting attack that can be used to attack Google’s network and impersonate its employees. It is worth noting that...
Microsoft has been convincing old Windows users to install patches as soon as possible to fix a serious RDP vulnerability called “BlueKeep.” After receiving support from the National Security Agency (NSA) earlier this month,...
Recently, KnownSec 404 Team found an in-depth exploit for Oracle Weblogic with similar attack characteristics to CVE-2019-2725. This attack can bypass the latest security patches released by Oracle officially in April. Because there is...
The world-renowned software Evernote is currently found to have serious security vulnerabilities, and the problem is the extension of Evernote on Google Chrome. This vulnerability allows an attacker to build a phishing website and...
Google’s security team has again announced an 0-day vulnerability in Windows 10 that could lead to a denial of service problem on the server. Originally, this vulnerability was discovered and notified to Microsoft three...
On June 11th, Adobe officially released the June security update, which fixes multiple vulnerabilities in Adobe’s various products, including Adobe Flash player, Adobe Campaign and Adobe ColdFusion. Vulnerability Overview: Adobe Flash Player Adobe has...
Microsoft released the Microsoft June Patch Tuesday, fixing 93 security issues from simple spoofing attacks to remote code execution, including Adobe Flash Player, Kerberos, Microsoft Browsers, Microsoft Devices, Microsoft Edge, Microsoft Exchange Server, Microsoft...
Several security researchers have published a paper on a based Rowhammer vulnerability and extended its threat from memory integrity deficits to the memory RAMBleed. RAMBleed is a side channel attack that allows an attacker...
Microsoft has released this month’s Windows 10 routine cumulative update, which is mainly to resolve various vulnerabilities and known issues. According to Microsoft, this time, a total of 88 security vulnerabilities were fixed and...
