Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices
Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ …
Flaws
55 New Security Flaws Reported in Apple Software and Services
A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws — including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities — could have allowed an attacker to "fully compromise both customer and employee applications, launch a worm …
New Flaws in Top Antivirus Software Could Make Computers More Vulnerable
Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems. According to a report published by CyberArk researcher Eran Shimony today and shared with The Hacker News, the high privileges often …
Critical Flaws Discovered in Popular Industrial Remote Access Systems
Cybersecurity researchers have found critical security flaws in two popular industrial remote access systems that can be exploited to block access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business secrets. The flaws, discovered by Tel Aviv-based OTORIO, were identified in B&R Automation's SiteManager and …
Cisco Issues Patches For 2 High-Severity IOS XR Flaws Under Active Attacks
Cisco yesterday released security patches for two high-severity vulnerabilities affecting its IOS XR software that were found exploited in the wild a month ago. Tracked as CVE-2020-3566 and CVE-2020-3569, details for both zero-day unauthenticated DoS vulnerabilities were made public by Cisco late last month when the company found hackers actively exploiting Cisco IOS XR Software …
Google Researcher Reported 3 Flaws in Apache Web Server Software
If your web server runs on Apache, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Apache recently fixed multiple vulnerabilities in its web server software that could have potentially led to the execution of arbitrary code and, in specific scenarios, even could allow attackers to …
Flaws in Samsung Phones Exposed Android Users to Remote Attacks
New research disclosed a string of severe security vulnerabilities in 'Find My Mobile'—an Android app that comes pre-installed on most Samsung smartphones—that could have allowed remote attackers to track victims' real-time location, monitor phone calls and messages, and even delete data stored on the phone. Portugal-based cybersecurity services provider Char49 revealed its …
Citrix Issues Critical Patches for 11 New Flaws Affecting Multiple Products
Citrix yesterday issued new security patches for as many as 11 security flaws that affect its Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WAN Optimization edition (WANOP) networking products. Successful exploitation of these critical flaws could let unauthenticated attackers perform code injection, information disclosure, and even denial-of-service attacks …
Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking
New research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely. The reported flaws could potentially let bad actors achieve full control over the Guacamole server, intercept, and control all other connected …