+84949482065
Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js…
Microsoft is force installing PC Health Check on machines running Windows 10. While users can uninstall the diagnostics tool, some have reported that it re-installs when the computer checks for…
A bug in MySQL left AWS Web Application Firewall customers vulnerable to SQL injection attacks. AWS fixed the flaw on October 1. The scientific notation bug dates back to 2013.…
The most recent stable build of Google’s Chrome browser no longer supports File Transfer Protocol (FTP). Earlier builds had disabled FTP but still allowed users to choose to turn it…
MITRE has released ATTA&CK v10. The newest version of the framework includes “a new set of Data Source and Data Component objects in Enterprise ATT&CK, complimenting the ATT&CK Data Source…
Nearly three-quarters (72%) of organizations have suffered a domain name system (DNS) attack in the last 12 months, according to a new study by the Neustar International Security Council (NISC). Ref https://www.infosecurity-magazine.com/news/72-orgs-dns-attack-last-year/
Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router. The MF971R is a portable router with Wi-Fi support and works as an LTE/GSM modem. An attacker…
ASATA has picked up a privilege escalation exploit which targets the Windows component Win32k, found in all supported versions of Windows, including the newly released Windows 11. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449
Lionel Messi and Sergio Aguero were among an initial tranche of celebrities who saw personal images and data published online by a hacker claiming to have infiltrated the Argentinian government’s…
Phishing can often lead to vulnerabilities that can result in ransomware or other types of malware. Learn how to fight phishing attacks, here https://blog.checkpoint.com/2018/10/17/national-cyber-security-awareness-month-six-tips-to-stop-phisherman/
