Sam Thomas, head of research at Secarma, a UK security company, presented security vulnerabilities in the PHP programming language at the Security Conference of Black Hat and BSides this month and noted that the vulnerability affects all PHP applications...
The Czech security company AVAST recently released a report saying that nearly 50,000 MQTT servers were exposed on the network due to misconfigurations and exposed to the public network. MQTT, short for telemetry transmission...
The Google Chrome development team has released some issues submitted by the new security staff, and these vulnerabilities have been disclosed in the latest version. The number of security vulnerabilities numbered CVE-2018-6177 is more...
On Tuesday, August 14, there was a high-risk memory corruption vulnerability (CVE-2018-8302) in the August security update released by Microsoft. The vulnerability stems from software not being able to handle objects in memory correctly, and...
On August 14th, Adobe officially released the August security update, which fixes multiple vulnerabilities in its products, including Acrobat and Reader, Flash Player, Experience Manage and Creative Cloud Desktop Application. Vulnerability Overview: Adobe Flash...
Microsoft released the August security update patch on Tuesday, fixing 63 security issues ranging from simple spoofing attacks to remote code execution. Products related to .NET Framework, Adobe Flash Player, Device Guard, Internet Explorer,...
Recently, security researchers have discovered a new “Foreshadow” vulnerability affecting Intel processors that bypass the built-in chip security features, making it possible for attackers to obtain sensitive data stored in the supposedly secure cordoned-off...
Recently, Siemens issued an official notice stating that there are two high-risk vulnerabilities (CVE-2018-11453, CVE-2018-11454) in the TIA Portal (Totally Integrated Automation Portal) software used in its SIMATIC STEP7 and WinCC products. Affected version...
Checkpoint, an Israeli cybersecurity company, published an article about fax machine vulnerabilities at the annual Defcon hack in Las Vegas yesterday, called Faxploit. It found that the attacker needed a fax number to transfer the...
Since the launch of smart speakers such as Amazon Echo, some people began to worry that these devices may overhear their speech. In recent days, Tencent security researchers have discovered a way to crack Echo...
Since Android phones allow the use of external storage to store data or applications, there is a new type of attack for Android phones: intra-person attacks. This type of attack is usually an application...
RICHMOND, VA, August 13, 2018 — Risk-Based Security today announced the release of its 2018 mid-year VulnDB QuickView report that shows there have been 10,644 vulnerabilities disclosed through June 30th. This is the highest number of...
Two researchers at the University of Saarland in Germany published the paper “ret2spec: Speculative Execution Using Return Stack Buffers” (PDF), which revealed a new vulnerability in the Intel processor. The new flaw enables an “inverse spectre attack”...
On August 10, 2018, Oracle issued a security notice to alert the vulnerability of the Java Virtual Machine in the Oracle Database Server, CVE-2018-3110. The vulnerability CVSS score is 9.9 points, the impact is more...
