PROJET AUTOBLOG


The Hacker News

Site original : The Hacker News

⇐ retour index

Mise à jour

Mise à jour de la base de données, veuillez patienter...

Unpatched Remote Hacking Flaw Disclosed in Fortinet's FortiWeb WAF

mercredi 18 août 2021 à 05:41
Details have emerged about a new unpatched security vulnerability in Fortinet's web application firewall (WAF) appliances that could be abused by a remote, authenticated attacker to execute malicious commands on the system. "An OS command injection vulnerability in FortiWeb's management interface (version 6.3.11 and prior) can allow a remote, authenticated attacker to execute arbitrary commands

Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan

mardi 17 août 2021 à 13:55
A new social engineering-based malvertising campaign targeting Japan has been found to deliver a malicious application that deploys a banking trojan on compromised Windows machines to steal credentials associated with cryptocurrency accounts. The application masquerades as an animated porn game, a reward points application, or a video streaming application, Trend Micro researchers Jaromir

Multiple Flaws Affecting Realtek Wi-Fi SDKs Impact Nearly a Million IoT Devices

mardi 17 août 2021 à 08:19
Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software development kits (SDKs) accompanying its WiFi modules, which are used in almost 200 IoT devices made by at least 65 vendors. The flaws, which affect Realtek SDK v2.x, Realtek "Jungle" SDK v3.0/v3.1/v3.2/v3.4.x/v3.4T/v3.4T-CT, and Realtek "Luna" SDK up to version 1.3.2, could be abused by attackers to

Attackers Can Weaponize Firewalls and Middleboxes for Amplified DDoS Attacks

lundi 16 août 2021 à 17:18
Weaknesses in the implementation of TCP protocol in middleboxes and censorship infrastructure could be weaponized as a vector to stage reflected denial of service (DoS) amplification attacks, surpassing many of the existing UDP-based amplification factors to date. Detailed by a group of academics from the University of Maryland and the University of Colorado Boulder at the USENIX Security

Dozens of STARTTLS Related Flaws Found Affecting Popular Email Clients

lundi 16 août 2021 à 13:36
Security researchers have disclosed as many as 40 different vulnerabilities associated with an opportunistic encryption mechanism in mail clients and servers that could open the door to targeted man-in-the-middle (MitM) attacks, permitting an intruder to forge mailbox content and steal credentials. The now-patched flaws, identified in various STARTTLS implementations, were detailed by a group of
Error happened! 0 - count(): Argument #1 ($value) must be of type Countable|array, null given In: /var/www/ecirtam.net/autoblogs/autoblogs/autoblog.php:428 http://ecirtam.net/autoblogs/autoblogs/plusgooglecom108722708627977273008_4b868befb999be8d4a12cee6eafcf1d5f929d04b/?1273 #0 /var/www/ecirtam.net/autoblogs/autoblogs/autoblog.php(999): VroumVroum_Blog->update() #1 /var/www/ecirtam.net/autoblogs/autoblogs/plusgooglecom108722708627977273008_4b868befb999be8d4a12cee6eafcf1d5f929d04b/index.php(1): require_once('...') #2 {main}