Crooks can abuse Memcache servers to launch insanely massive DDoS attacks using very few computational resources on their end. These type of DDoS attacks are possible because of the unsecured way Memcache developers have implemented support for the UDP protocol in their product. Furthermore, to make matters worse, Memcache servers […]

A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to insufficient checks on clearing […]

Security researchers from Duo Labs and the US Computer Emergency Response Team Coordination Center (CERT/CC) will release security advisories today detailing a new SAML vulnerability that allows malicious attackers to authenticate as legitimate users without knowledge of the victim’s password. The flaw affects SAML (Security Assertion Markup Language), an XML-based markup language […]

Critical Remote Code Execution vulnerability has been discovered in the most popular and most feature-rich PDF reader, Adobe Acrobat Reader DC. The vulnerability has the power to perform a stack-based buffer overflow all the executing the orbitary code when users open the vulnerable Adobe document.This Critical RCE vulnerability affected the […]

Android P, is expected to include a neat feature that prevents apps running in the background from spying on you through the camera or microphone on your cell phone. Do you cover the lens on your webcam to prevent someone from spying on you? You should, and it seems like every […]

Visa said last week that two years after US retailers started deploying terminals that could read chip-based credit and debit cards, reports of counterfeit card fraud have dropped by 70%. While modern chip-based payment cards —also known as EMV (Europay, MasterCard, Visa) cards after the three organizations that promoted the new technology— […]

The number of unique mobile malware samples increased sharply in 2017 compared to a year ago, according to Trend Micro. After years of focusing their attention largely on desktop systems, cybercriminals have, as expected, begun ramping up attacks on mobile devices. Ransomware, banking malware, and other threats aimed at smartphones […]

Google is in the process of adding support to Chrome OS for running containerized Linux applications, according to a commit spotted in the operating system’s source code last week by Reddit users. The commit adds a new device policy to allow Linux VMs on Chrome OS for the purpose of running […]

CVE-2018-4878, a Flash zero-day patched earlier this month, has resurfaced in another campaign as attackers capitalize on the bug. An Adobe Flash vulnerability CVE-2018-4878 patched earlier this month is being exploited in a new phishing campaign leveraging malicious Microsoft Word documents. This critical vulnerability is a use-after-free bug that enables […]