Author Archives: Lucian Constantin

Organizations that use the popular Moodle learning management system should deploy the latest patches as soon as possible because they fix vulnerabilities that could allow attackers to take over web servers.Moodle is an open source platform used by … Continue reading Flaws in Moodle CMS put thousands of e-learning websites at risk→

Organizations that use the popular Moodle learning management system should deploy the latest patches as soon as possible because they fix vulnerabilities that could allow attackers to take over web servers.Moodle is an open source platform used by … Continue reading Flaws in Moodle CMS put thousands of e-learning websites at risk→

Two teams of researchers managed to win the biggest bounties at this year’s Pwn2Own hacking contest by escaping from the VMware Workstation virtual machine and executing code on the host operating system.Virtual machines are in used in many scenario… Continue reading Pwn2Own hacking contest ends with two virtual machine escapes→

Two teams of researchers managed to win the biggest bounties at this year’s Pwn2Own hacking contest by escaping from the VMware Workstation virtual machine and executing code on the host operating system.Virtual machines are in used in many scenario… Continue reading Pwn2Own hacking contest ends with two virtual machine escapes→

Companies that use security products to inspect HTTPS traffic might inadvertently make their users’ encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns.US-CERT, a division … Continue reading Some HTTPS inspection tools might weaken security→

Companies that use security products to inspect HTTPS traffic might inadvertently make their users’ encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns.US-CERT, a division … Continue reading Some HTTPS inspection tools might weaken security→

Several attacks observed over the past few months that rely heavily on PowerShell, open-source tools, and fileless malware techniques might be the work of a single group of hackers.An investigation started by security researchers from Morphisec into… Continue reading String of fileless malware attacks possibly tied to single hacker group→

Several attacks observed over the past few months that rely heavily on PowerShell, open-source tools, and fileless malware techniques might be the work of a single group of hackers.An investigation started by security researchers from Morphisec into… Continue reading String of fileless malware attacks possibly tied to single hacker group→

An unpatched command injection vulnerability could allow hackers to take over enterprise networking products from Ubiquiti Networks.The vulnerability was discovered by researchers from SEC Consult and allows authenticated users to inject arbitrary c… Continue reading Unpatched vulnerability puts Ubiquiti networking products at risk→

Bug hunters have gathered again to test their skills against some of the most popular and mature software programs during the Pwn2Own hacking contest. During the first day, they successfully demonstrated exploits against Microsoft Edge, Apple’s Safa… Continue reading Adobe Reader, Edge, Safari, and Ubuntu fall during first day at Pwn2Own→