Posts for category: Vulnerabilities Weekly Summaries

Phone security application vulnerabilities compromise devices

On April 4, 2019, researchers at Check Point Research found vulnerabilities in the preinstalled security app, Guard Provider, that affect Xiaomi phones. Xiaomi is the third largest ...

3rd party car alarms make vehicles susceptible to theft

On March 8, 2019, security researchers at Pen Test Partners disclosed vulnerabilities found in the application programming interface (API) of the Viper and Pandora 3rd party car alarm systems. The ...

IBM Cloud vulnerability allows for backdoor on bare metal servers

On February 26, 2019, researchers at Eclypsium reported a vulnerability in International Business Machines (IBM) SoftLayer (now IBM Cloud) that allowed a malicious user to plant a backdoor on ...

WordPress vulnerability allows attacker to gain full remote access of server

On February 19, 2019, security researchers at RIPS Technologies found a vulnerability in WordPress that allowed an attacker with author privileges to execute arbitrary Hypertext Preprocessor ...

Snapd vulnerability allows for privilege escalation on popular Linux distributions

On February 13, 2019, security researcher Chris Moberly from The Missing Link disclosed a privilege escalation vulnerability in the snapd service that allowed a local user to elevate privileges ...

Popular RDP client vulnerabilities allow a remote system to be compromised

On February 5, 2019, researchers at Check Point Research disclosed 25 vulnerabilities in 3 popular Remote Desktop Protocol (RDP) clients: mstsc.exe, FreeRDP, and rdesktop. These vulnerabilities ...

iPhone vulnerability allows attackers to spy on contacts

On January 28, 2019, security engineer Brandon Arvanaghi discovered a flaw in the iPhone that allowed an attacker to receive an audio and video feed from a victim's iPhone when initiating a ...

GitHub vulnerability threatens intellectual property of users

GitHub user sarazasara recently found a vulnerability that allows users to view private code repositories (repos) after their privileges to the repo have been revoked. GitHub is a Web-hosting ...

Google search vulnerability allows forging of faulty Google search links

On January 7, 2019, cybersecurity professional Wietze Beukema reported a vulnerability in the Knowledge Graph of Google Search that allowed the crafting of Google search uniform resource ...

Did China secretly install microchips to spy on U.S. companies?

What happened? Bloomberg reports that San Jose-based company Supermicro implanted microchips on server motherboards. Over 30 U.S. companies were reported to be affected, including ...