Showing posts with label Vulnerability. Show all posts

Wednesday, 11 May 2016

Pornhub Launches Bug Bounty Program; Offering Reward up to $25,000




With the growing number of cyber attacks and data breaches, a significant number of companies and organizations have started Bug Bounty Programs to encourage hackers and security researchers to find and responsibly report bugs in their services and get a reward.

Now, even pornography sites are starting to embrace bug bounty practices in order to safeguard their users' security.

Tuesday, 10 May 2016

Hacker Arrested after Exposing Flaws in Elections Site




A security researcher responsibly disclosed vulnerabilities in a Florida county's poorly secured elections web domains, but he ended up in handcuffs on criminal hacking charges and was jailed for six hours Wednesday.

Security researcher David Michael Levin, 31, of Estero, Florida, was charged with three counts of gaining unauthorized access to a computer, network, or electronic instrument.

FCC takes initiative to Speed Up Mobile Security Updates






In Brief
Smartphone users are fed up with slow security updates, so two United States federal agencies have launched an official inquiry into how manufacturers and carriers deal with mobile phone security updates and what they are doing to roll out patches as quickly as possible.

The smartphone patch update mechanism is broken, and someone has to fix it.

Most smartphone models are

Saturday, 7 May 2016

This 10-year-old Boy becomes the youngest Bug Bounty Hacker




"Talent has no Age Limit"

That’s what I said about a 10-year-old Finnish boy on our official Facebook page while sharing his recent achievement with our readers, i.e., winning a $10,000 bug bounty from Instagram.

Last Tuesday, when we at The Hacker News first acknowledged this talented boy and the flaw he discovered in the image-sharing social network Instagram, I had no idea that the Facebook

Thursday, 5 May 2016

High-Severity OpenSSL Vulnerability allows Hackers to Decrypt HTTPS Traffic




OpenSSL has released a series of patches against six vulnerabilities, including a pair of high-severity flaws that could allow attackers to execute malicious code on a web server as well as decrypt HTTPS traffic.

OpenSSL is the most widely used open-source cryptographic library, relied on by a significant portion of Internet services to cryptographically protect their sensitive Web

Wednesday, 4 May 2016

Warning — Widely Popular ImageMagick Tool Vulnerable to Remote Code Execution




A serious zero-day vulnerability has been discovered in ImageMagick, a widely popular software tool used by a large number of websites to process users' photos, which could allow hackers to execute malicious code remotely on servers.

ImageMagick is an open-source image processing library that lets users resize, scale, crop, watermark and tweak images.

The ImageMagick tool is supported by

Thursday, 28 April 2016

In-Brief: Telegram Vulnerability, Malware in Nuclear Plant, Anti-Tor Malware and Hotpatching Exploit





Clickjacking Vulnerability in Telegram Web Client
The official Telegram web client, which allows users to access their messenger account from a desktop web browser, is vulnerable to clickjacking, a web application vulnerability.

Egyptian security researcher Mohamed A. Baset told The Hacker News about a flaw in Telegram that could allow an attacker to change sensitive information of a Telegram user,

Wednesday, 27 April 2016

For the First time, FBI discloses a Flaw to Apple, but it's already Patched!






In Brief
The Federal Bureau of Investigation (FBI) made its first disclosure about a software security flaw to Apple under the Vulnerability Equities Process (VEP), a White House initiative created in April 2014 for reviewing flaws and deciding which ones should be made public.

Unfortunately, the vulnerability reported by the federal agency only affected older versions of Apple’s iOS and OS

Friday, 22 April 2016

Hacker Installed a Secret Backdoor On Facebook Server to Steal Passwords




How to Hack Facebook?

That’s the most commonly asked question during this decade.

It’s a hacker's dream to hack the Facebook website, either to earn a bug bounty or for some malicious purpose.

Facebook's security team recently found that someone, probably a blackhat hacker with malicious intent, had breached its server and installed a backdoor that was configured to steal Facebook employees' login

Tuesday, 19 April 2016

Hackers can spy on your calls and track location, using just your phone number






In Brief

The famous ‘60 Minutes’ television show shocked some viewers Sunday evening when a team of German hackers demonstrated how they spied on an iPhone used by a U.S. Congressman, then recorded his phone calls and tracked his movement through Los Angeles.

Hackers leverage a security flaw in the SS7 (Signalling System Seven) protocol that allows them to track phone locations, listen in on

Wednesday, 6 April 2016

Adobe to issue Emergency Patch for Critical Flash Player Vulnerability





Adobe has been one of hackers' favorite targets for compromising systems regardless of operating system, as Flash Player is a front runner in all browsers.

Hackers have long targeted Flash Player by exploiting known vulnerabilities in the wild.

Despite Adobe's efforts, Flash is not safe anymore for Internet security, as one more critical

Tuesday, 29 March 2016

FBI is fighting back against Judge's Order to reveal TOR Exploit Code




Last month, the Federal Bureau of Investigation (FBI) was ordered to reveal the complete source code for the TOR exploit it used to hack visitors of the world’s largest dark web child pornography site, PlayPen.

Robert J. Bryan, the federal judge, ordered the FBI to hand over the TOR browser exploit code so that the defence could better understand how the agency hacked over 1,000 computers and if

Remotely Exploitable Bug in Truecaller Puts Over 100 Million Users at Risk





Security researchers have discovered a remotely exploitable vulnerability in the caller ID app "Truecaller" that could expose the personal details of millions of its users.

Truecaller is a popular service that claims to "search and identify any phone number," and helps users block incoming calls or SMSes from phone numbers categorized as spammers and telemarketers.

The service has mobile

Monday, 28 March 2016

6 Charged for Hacking Lottery Terminals to Produce More Winning Tickets





Police have arrested and charged six people with crimes linked to hacking Connecticut state lottery terminals in order to produce more winning tickets than usual.



Prosecutors say all six suspects are either owners or employees of retail stores that produced a much higher number of winning tickets than the state average, according to the Hartford Courant.

Suspects Hacked Lottery

Friday, 25 March 2016

Mac OS X Zero-Day Exploit Can Bypass Apple's Latest Protection Feature





A critical zero-day vulnerability has been discovered in all versions of Apple's OS X operating system that allows hackers to exploit the company’s newest protection feature and steal sensitive data from affected devices.



With the release of OS X El Capitan, Apple introduced a security protection feature to the OS X kernel called System Integrity Protection (SIP). The feature is designed

Wednesday, 23 March 2016

Badlock — Unpatched Windows-Samba Vulnerability Affects All Versions of Windows





Security researchers have discovered a nasty security vulnerability that is said to affect almost every version of Windows and Samba and will be patched on April 12, 2016, the Samba development team announced Tuesday.



So, save the date if you are a Windows or Samba file server administrator.



Samba is a free, open source implementation of the SMB/CIFS network file sharing protocol that