Even as Visa issued a warning about a new JavaScript web skimmer known as Baka, cybersecurity researchers have uncovered an authentication flaw in the company's EMV enabled payment cards that permits cybercriminals to obtain funds and defraud cardholders as well as merchants illicitly.The research, published by a group of academics from the ETH Zurich, is a PIN bypass attack … [Read more...] about New PIN Verification Bypass Flaw Affects Visa Contactless Payments
Affects
Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems
A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system.Dubbed 'BootHole' and tracked as CVE-2020-10713, the reported vulnerability resides in the GRUB2 bootloader, which, if … [Read more...] about Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems
Critical RCE Flaw (CVSS 10) Affects F5 BIG-IP Application Security Servers
Cybersecurity researchers today issued a security advisory warning enterprises and governments across the globe to immediately patch a highly-critical remote code execution vulnerability affecting F5's BIG-IP networking devices running application security servers.The vulnerability, assigned CVE-2020-5902 and rated as critical with a CVSS score of 10 out of 10, could let remote … [Read more...] about Critical RCE Flaw (CVSS 10) Affects F5 BIG-IP Application Security Servers
SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs
A new variant of the Spectre (Variant 1) side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned.Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored … [Read more...] about SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs
Capital One Data Breach Affects 106 Million Customers; Hacker Arrested
Another week, another massive data breach.Capital One, the fifth-largest U.S. credit-card issuer and banking institution, has recently suffered a data breach exposing the personal information of more than 100 million credit card applicants in the United States and 6 million in Canada.The data breach that occurred on March 22nd and 23rd this year allowed attackers to steal … [Read more...] about Capital One Data Breach Affects 106 Million Customers; Hacker Arrested
Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu
The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing software that under the hood, are just a rebranded version of Zoom video conferencing software.Security researchers confirmed The Hacker News that RingCentral, used by over 350,000 businesses, and Zhumu, a Chinese version of Zoom, also runs a hidden … [Read more...] about Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu
Important Flaw in Outlook App for Android Affects Over 100 Millions Users
Update (22 July 2019) — More technical details and proof-of-concept for the OutLook for Android vulnerability has been released that we have covered in a separate article here.Microsoft today released an updated version of its "Outlook for Android" that patches an important security vulnerability in the popular email app that is currently being used over 100 million … [Read more...] about Important Flaw in Outlook App for Android Affects Over 100 Millions Users