Category: Vulnerabilities

07 Feb 2019
A critical vulnerability was found in the Android OS in which opening a cute or innocent photo in .PNG format could compromise the Android device. The vulnerability was noted in the Google’s Android security update advisory for February. The attackers can activate the bug by sending a crafted, malicious Portable Network Graphic (.PNG) file to...
06 Feb 2019
Two most popular free, open source office software LibreOffice and Apache OpenOffice have been found to have severe remote code execution (RCE) vulnerability which could be activated by just opening a malicious Open Document Text file. These software are being used by millions of Windows, MacOS and Linux users and the vulnerabilities have been disclosed...
05 Feb 2019
Last year a 20-year-old ethical hacker had been arrested by the Hungarian police for exploiting serious vulnerabilities in Magyar Telekom which is the largest telecommunication company in the country. The hacker is subjected to face up to 8 years in prison. The Hungarian media states that the hacker discovered a severe flaw in the Telekom...
30 Jan 2019
Microsoft Exchange 2013 and newer versions are vulnerable to a new privilege escalation zero-day called “PrivExchange” that permits a remote attacker with the credentials of a single lowly Exchange mailbox user to gain Domain Controller admin privileges using a simple Python tool. A security researcher with Dutch cyber-security firm Fox-IT, Dirk-jan Mollema has revealed the...
29 Jan 2019
Those of you using an Apple device must immediately turn OFF their FaceTime app at least for few days because an unpatched bug has been found in this app which would allows someone to see or hear you even before you pick the call. Several users have complained regarding this privacy issue which turns an...
28 Jan 2019
A peer-to-peer cryptocurrency exchange portal named LocalBitcoins has revealed a security breach that occurred on 26th January which lasted for around five hours. During the breach, while the users accessed the LocalBitcoins forum, they were redirected to a phishing forums login page. The attackers steal the login credentials from users, try to login to their...
25 Jan 2019
A malware named as Razy was detected by the cybers security firm at Kaspersky Lab which aims at legitimate browser extensions and also spoofs search results in pursuit to raid cryptocurrency wallets and steal virtual coins from victims. This malware is a Trojan that uses unusual methods while infecting the systems. The malware, Trojan.Win32.Razy.gen, is...
24 Jan 2019
A Chinese security researcher published the technical details of many vulnerabilities in Apple Safari web browser and iOS which permits a remote hacker to jailbreak and compromise victims’ iPhoneX running iOS 12.1.2 and earlier versions. In order to do this, the hacker has to mislead the users to open a specifically crafted web page using...
21 Jan 2019
An 18-year-old Nepali hacker Arbin Godard has discovered a vulnerability in the Ministry of Foreign Affairs of Ukraine. He arrived in the capital of Ukraine Kiev last year for an event for the white hackers to the International Cybersecurity Forum HackIT 4.0. But Nepalese hacked the website of the country’s Ministry of Foreign Affairs and...
11 Jan 2019
Three vulnerabilities have been found in the system service part of ‘systemd,’ which is a core component in Linux that manages system processes after the boot process. The vulnerabilities reside in ‘journald’ service that collects and stores log data which can be exploited to obtain root privileges on the target machine or to leak information....