Cisco has recently uncovered hidden flaws which if exploited could lead to privileged code execution. These flaws are found within Cisco’s SD-WAN devices which include their vBond and vSmart controllers along with their vManage Network Management system and vBond Orchestrator software. Other devices that are affected by this vulnerability are Cisco’s vEdge routers. “Cisco has
Sat enjoying my early morning cup of coffee, as is my want most mornings, when I got an article alert through Linkedin that piqued my interest. “Too complacent,” is how specialist insurer Ecclesiastical describes charities when it comes to cybercrime risk. Thats a heck of a statement to make, but it is correct. According to the research
Intel is warning users of a high severity flaw found within their firmware of it’s ‘Converged Security and Management Engine’ (CSME) which is used to power Intel’s ‘Active Management System’ hardware for the purpose of remote out-of-band management to consumers. This flaw could enable an attacker to conduct Privilege Escalation, Information Disclosure and Denial of Service.
A recent vulnerability was found by researchers from a German security firm. Fixes are available via the Android February 2020 Security Bulletin. The bug is identified as CVE-2020-002; when exploited can result in remote-code-execution without any user interaction with elevated privileges.
A security researcher by the name of Gal Weizman from PerimeterX found multiple flaws within WhatsApp that could potentially lead to remote-code-execution (RCE). The flaws enabled vulnerabilities such as Open-Redirect, Persistent-XSS, CSP-Bypass and read privileges from the Local File System (LFS).
It has recently been reported that not long ago, last Thanksgiving, Google had a bug which caused personal photos to be shared to complete strangers. ‘The Chocolate Factory’ made note of this issue and began notifying users that there is a bug in Google Photos data-archiving tool, Takeout.
A recent finding of a microarchitectural Data Sampling (MDS) vulnerability within Intel’s CPU’s found by researchers have now released a Proof-of-Concept (PoC) code. This was not the only recent vulnerability found; however, it is the most severe with a Medium risk vulnerability.
Juice Jacking is an attack-type that involves plugging your phone into public sockets for “charging purposes”. The truth behind these sockets is the installation of malware on your phones and other electronic devices of unsuspecting users.