A joint team of researchers from Lancaster University and Northwest University and Peking University in China tested security through artificial intelligence testing. Most websites have verification links including text verification codes and graphics verification...
On December 05, Adobe officially released the Security updates available for Flash Player, which fixes two critical vulnerability (CVE-2018-15982 and CVE-2018-15983) in this products. Successful exploitation does allow arbitrary code execution and privilege escalation in the...
Researchers at Northeastern University and IBM Research have discovered a new variant of the Spectre CPU vulnerability that can be leveraged through browser-based code. An important difference between the new vulnerability known as SplitSpectre and other Spectre variants is...
Wanpeng Li recently discovered two denials of service (DOS) in the Linux Kernel, allowing local attackers to use a null pointer to reference a bug to trigger a DOS state. The first vulnerability, numbered CVE-2018-19406...
VMware recently released security bulletins that fix a serious vulnerability (CVE-2018-6983) in VMware Workstation and Fusion. The weaknesses were provided by Tianwen Tang of Qihoo 360Vulcan Team, which completed the virtual machine escape challenge at...
Row hammer (also written as rowhammer) is an unintended side effect in dynamic random-access memory (DRAM) that causes memory cells to leak their charges and interact electrically between themselves, possibly leaking or changing the contents of nearby memory rows that were not addressed in...
On November 20, Adobe officially released the Security updates available for Flash Player, which fixes a critical vulnerability in this products. The details about the vulnerability have already been made public. Successful exploitation does...
Privacy4Cars warns that a new Bluetooth technology called CarsBlues could affect millions of cars. This attack technology exploits the security vulnerabilities of infotainment systems installed on several cars via Bluetooth, which affects users who connect...
Most of the ATMs produced by NCR, Diebold Nixdorf, GRGBanking and used by banks have proven to be vulnerable to attack by remote or local potential attackers, and most attacks take no more than...
Microsoft has fixed a new zero-day vulnerability (CVE-2018-8589) in this week’s routine security update, which was discovered by Kaspersky. Unlike the zero-day vulnerability that Kaspersky discovered last time, this vulnerability only affects Windows 7 and Server...
Microsoft released the November Patch Tuesday, fixing 64 security issues ranging from simple spoofing attacks to remote code execution. Products include .NET Core, Active Directory, Adobe Flash Player, Azure, BitLocker, Internet Explorer, Microsoft Drivers....
On November 13, Adobe officially released the November security update, which fixes multiple vulnerabilities in its products. The affected products include Adobe Flash Player, Adobe Acrobat and Reader, and Adobe Photoshop CC. Vulnerability Overview:...
VMware recently released security bulletins that fix two serious vulnerabilities (CVE-2018-6981 and CVE-2018-6982) in VMware ESXi, Workstation and Fusion. The weaknesses were provided by security researcher Zhangyanyu, which completed the virtual machine escape challenge at the...
RIPS security researcher Simon Scannell noted that WooCommerce includes a file deletion vulnerability that allows the store manager to delete any files on the server. At most, this type of vulnerability is to remove the...
nginx has been experiencing security problems in recent days, which may cause more than 14 million servers to be vulnerable to DoS attacks. The vulnerabilities that lead to security issues exist in the HTTP/2 and...
Earlier, researchers at the University of Nijmegen in the Netherlands found that some mainstream SSDs have severe vulnerabilities in their hardware-based full-disk encryption. This vulnerability allows an attacker to easily bypass high-intensity password authentication and...
