A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign…
View More Exploit Fully Breaks SHA-1, Lowers the Attack Bar
Tag: exploit
Microsoft Warns Of Hacking Group Targeting Vulnerable Web Servers
Microsoft has revealed details of a hacking group it calls Gallium that has malware infrastructure in China and Hong Kong and has been targeting telecommunications…
View More Microsoft Warns Of Hacking Group Targeting Vulnerable Web Servers
BlueKeep attacks are happening, but it’s not a worm
Security researchers have spotted the first mass-hacking campaign using the BlueKeep exploit; however, the exploit is not being used as a self-spreading worm, as Microsoft…
View More BlueKeep attacks are happening, but it’s not a worm
What is a zero-day vulnerability?
Chances are pretty good you’ve heard the term zero-day vulnerability. The term conjures up images of post-apocalyptic landscapes, where technology has either hit a singularity-level…
View More What is a zero-day vulnerability?
What can you do about the ‘unfixable’ exploit affecting almost every iPhone and iPad?
The Checkm8 exploit, described by the security researcher who published it as “a permanent unpatchable bootrom exploit” might be good news for the jailbreaking community…
View More What can you do about the ‘unfixable’ exploit affecting almost every iPhone and iPad?
Intense scanning activity detected for BlueKeep RDP flaw
Threat actors have started scanning the internet for Windows systems that are vulnerable to the BlueKeep (CVE-2019-0708) vulnerability. This vulnerability impacts the Remote Desktop Protocol…
View More Intense scanning activity detected for BlueKeep RDP flaw
New Exploits For Old Configuration Issues Heighten Risk for SAP Customers
Exploits give attackers a way to create havoc in business-critical SAP ERP, CRM, SCM, and other environments, Onapsis says. Exploits targeting a couple of long-known…
View More New Exploits For Old Configuration Issues Heighten Risk for SAP Customers
Critical RCE Bug in Cisco WebEx Browser Extensions Faces ‘Ongoing Exploitation’
A critical vulnerability in Cisco WebEx browser extensions that could allow unauthenticated remote code-execution (RCE) on targeted machines is being actively exploited in the wild.…
View More Critical RCE Bug in Cisco WebEx Browser Extensions Faces ‘Ongoing Exploitation’