Over 70,000 Memcached Servers Still Vulnerable to Remote Hacking

Nothing in this world is fully secure, from our borders to cyberspace. I know vulnerabilities are bad, but the worst part comes in when people just don’t care to apply patches on time.

Late last year, Cisco’s Talos intelligence and research group disc…

PCs with Intel Server Chipsets, Launched Since 2010, Can be Hacked Remotely

Updated: Since the below-reported vulnerability is highly critical and it would take a few weeks for sysadmins to protect their enterprise network, the research team has not yet disclosed the technical details of the vulnerability.

Meanwhile, I have t…

Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug

It’s more than two and a half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive, as it appears that many organizations did not properly remediate the serious security glitch.

It was one of the bigg…

Phone-Hacking Firm Cellebrite Got Hacked; 900GB Of Data Stolen

The company that sells digital forensics and mobile hacking tools to others has itself been hacked.

Israeli firm Cellebrite, the popular company that provides digital forensics tools and software to help law enforcement access mobile phones in investi…

Someone Hijacking Unsecured MongoDB Databases for Ransom

Nearly two years back, we warned users about publicly accessible MongoDB instances – almost 600 Terabytes (TB) – over the Internet which require no authentication, potentially leaving websites and servers at risk of hacking.

These MongoDB instances weren’t exposed due to any flaw in its software, but due to a misconfiguration (bad security practice) that let any remote attacker access MongoDB

5-Year-Old Linux Kernel Local Privilege Escalation Flaw Discovered

A serious 5-year-old privilege-escalation vulnerability has been discovered in the Linux kernel that affects almost every distro of the Linux operating system, including Red Hat and Ubuntu.

Over a month back, a nine-year-old privilege-escalation vulnerabi…

Critical Flaws in MySQL Give Hackers Root Access to Server (Exploits Released)

Over a month ago, we reported on two critical zero-day vulnerabilities in the world’s 2nd most popular database management software, MySQL:

MySQL Remote Root Code Execution (CVE-2016-6662)
Privilege Escalation (CVE-2016-6663)

At that time, Polish se…