Two days after Cisco patched a severe vulnerability in a popular brand of SOHO routers, and one day after the publication of proof-of-concept code, hackers have started scans and attacks exploiting the said security bug to take over unpatched devices. The vulnerability, tracked as CVE-2019-1663, was of note when it came […]
Haythem Elmir
70000 Pakistani banks’ cards with PINs go on sale on the dark web.
Group-IB experts discovered new databases with a total of 69,189 Pakistani banks’ cards that have shown up for sale on the dark web. Group-IB, an international company that specializes in preventing cyberattacks, has discovered new databases with a total of 69,189 Pakistani banks’ cards that have shown up for sale on the dark web. The total market value of […]
CVE-2019-9019 affects British Airways Entertainment System on Boeing 777-36N(ER)
The British Airways Entertainment System, as installed on Boeing 777-36N(ER) and possibly other aircraft, is affected by a privilege escalation issue tracked as CVE-2019-9019. Experts discovered a critical vulnerability in the British Airways Entertainment System. The flaw is a privilege escalation issue that resides in the component USB Handler, an attacker could exploit […]
Malware spam campaign exploits WinRAR flaw to deliver Backdoor
Experts discovered a malspam campaign that is distributing a malicious RAR archive that could exploit the WinRAR flaw to install deliver malware on a computer. A few days ago, security experts at CheckPoint software have disclosed a critical 19-year-old vulnerability in the WinRAR that could be exploited by attackers to gain full […]
New Attacks Against 4G, 5G Mobile Networks Re-Enable IMSI Catchers
At NDSS Symposium 2019, a group of university researchers yesterday revealed newly discovered cellular network vulnerabilities that impact both 4G and 5G LTE protocols. According to a paper published by the researchers, « Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information, » the new attacks could allow remote […]
Another Critical Flaw in Drupal Discovered — Update Your Site ASAP!
Developers of Drupal—a popular open-source content management system software that powers millions of websites—have released the latest version of their software to patch a critical vulnerability that could allow remote attackers to hack your site. The update came two days after the Drupal security team released an advance security notification of the […]
Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years
Beware Windows users… a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide. Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects […]
Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years
Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it’s a brilliant idea to upgrade the content management software of your site now. From now, I mean immediately. Cybersecurity researchers at RIPS Technologies GmbH today shared their latest research with The Hacker News, revealing the existence […]
Kali Linux 2019.1 Released — Operating System For Hackers
Wohooo! Great news for hackers and penetration testers. Offensive Security has just released Kali Linux 2019.1, the first 2019 version of its Swiss army knife for cybersecurity professionals. The latest version of Kali Linux operating system includes kernel up to version 4.19.13 and patches for numerous bugs, along with many […]
How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link
It’s 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery (CSRF) vulnerability in the most popular social media platform that could have been allowed attackers to hijack […]