Cybersecurity News – Page 5

Google researcher reveals an unpatched bug in Windows’ cryptographic library that can quickly “take down a windows fleet”

Posted on June 13, 2019 by Savia Lobo

Tavis Ormandy, a vulnerability researcher at Google, uncovered a security issue in SymCrypt, the core cryptographic library for Windows, which the Microsoft team is still trying to fix. Ormandy says that if the vulnerability is exploited in a denial of… Continue reading Google researcher reveals an unpatched bug in Windows’ cryptographic library that can quickly “take down a windows fleet”→

NSA warns users of BlueKeep vulnerability; urges them to update their Windows systems

Posted on June 10, 2019 by Savia Lobo

Last week, the NSA published an advisory urging Microsoft Windows administrators and users to update their older Windows systems to protect against the BlueKeep vulnerability. This vulnerability was first noted by UK National Cyber Security Centre and … Continue reading NSA warns users of BlueKeep vulnerability; urges them to update their Windows systems→

PyPI announces 2FA for securing Python package downloads

Posted on May 31, 2019 by Savia Lobo

Yesterday, Python’s core development team announced that PyPI now offers two-factor authentication to increase the security of Python package downloads and thus reduce the risk of unauthorized account access. The team announced that the 2FA will … Continue reading PyPI announces 2FA for securing Python package downloads→

All Docker versions are now vulnerable to a symlink race attack

Posted on May 29, 2019 by Vincy Davis

Yesterday Aleksa Sarai, Senior Software Engineer at SUSE Linux GmbH, notified users that the ‘ docker cp’ is vulnerable to symlink-exchange race attacks. This attack makes all the Docker versions vulnerable. This attack can be seen as a con… Continue reading All Docker versions are now vulnerable to a symlink race attack→

Salesforce suffers major outage providing data access irrespective of the permission settings

Posted on May 20, 2019 by Savia Lobo

Salesforce informed its customers that it was facing a major issue with its service, early Friday morning, and mentioned that it was working towards resolving the issue soon. The popular cloud-based software company experienced an outage due to its fau… Continue reading Salesforce suffers major outage providing data access irrespective of the permission settings→

What is the Impact of Zombieload?

Posted on May 16, 2019 by Adam Mansour

By now you have likely heard about Zombieload, the latest in a series of vulnerabilities impacting the Intel Core and Xeon processors that power your endpoints. Of course, it’s not the vulnerability itself (appearing in proc’s made aft… Continue reading What is the Impact of Zombieload?→

Intel discloses four new vulnerabilities labeled MDS attacks affecting Intel chips

Posted on May 15, 2019 by Savia Lobo

Yesterday, Intel and a group of microarchitecture security researchers disclosed four new hackable vulnerabilities in Intel’s chips. These vulnerabilities expose extremely sensitive data and processes from a victim’s CPU to the attacker. In… Continue reading Intel discloses four new vulnerabilities labeled MDS attacks affecting Intel chips→

Rust’s recent releases 1.34.0 and 1.34.1 affected from a vulnerability that can cause memory unsafety

Posted on May 14, 2019 by Bhagyashree R

Last week, the Rust team was informed about a vulnerability in Rust’s standard library, the details of which they shared yesterday. The vulnerability is caused by a function that was stabilized in the Rust 1.34.0 and 1.34.1 versions. The Common V… Continue reading Rust’s recent releases 1.34.0 and 1.34.1 affected from a vulnerability that can cause memory unsafety→

A WhatsApp vulnerability enabled attackers to inject Israeli spyware on user’s phones

Posted on May 14, 2019 by Bhagyashree R

Earlier this month, a major vulnerability was discovered in Whatsapp by its security team that allowed attackers to remotely install surveillance software on iOS and Android smartphones. The malicious software was injected in users phone by making What… Continue reading A WhatsApp vulnerability enabled attackers to inject Israeli spyware on user’s phones→

Hackers steal bitcoins worth $41M from Binance exchange in a single go!

Posted on May 9, 2019 by Savia Lobo

On Tuesday, Binance Exchange, one of the popular cryptocurrency exchanges, reported a huge security breach where hackers stole around 7,000 bitcoins worth $41 millions, in a single transaction. The hackers were able to gain a bulk of user API keys, 2FA… Continue reading Hackers steal bitcoins worth $41M from Binance exchange in a single go!→