Browsing Tag
Vulnerability
1066 posts
Cloning Google’s Titan Key to bypass 2FA – Research
The attack requires the attacker to have physical access to the victim's Titan Key, hours of time, and side-channel setup equipment worth €10,000 ($12,000 - £9,000).
January 9, 2021
Facebook bug exposed identity of page admin using group doc feature
The bug was reported to Facebook under its bug bounty program after which the researcher was awarded $5,000.
January 5, 2021
Google ReCaptcha flaw lets bots bypass audio captcha challenge
According to researchers, the idea of the attack is to grab the MP3 file of the audio reCAPTCHA and submit it to Google's own Speech to Text API.
January 4, 2021
Backdoor account found in 100,000+ Zyxel Firewalls, VPN Gateways
Researchers have discovered a hard-coded admin-level backdoor account as a Zyxel firmware binary revealing username and password.
January 2, 2021
Microsoft reveals hackers viewed its source code
Microsoft confirmed that viewing source code doesn’t elevate the risk. Here's what happened and what Mircosoft said about the attack.
January 1, 2021
Hackers using smart home devices to live streaming swatting attacks
The F.B.I. is warning users to use strong credentials to prevent their smart devices from being used during swatting attacks. Here's how to.
December 30, 2020
CISA’s Sparrow.ps1 tool detects malicious activity on Azure, Microsoft 365
The new free tool called Sparrow.ps1 is intended for use by incident responders. Here's what this tool can do and how.
December 29, 2020
REvil hackers to leak photos of plastic surgery patients after massive hack
The latest victim of REvil hackers (aka Sodinokibi group) is The Hospital Group based in Manchester, England. A…
December 28, 2020
Google reveals unpatched 0day vulnerability in Microsoft’s API
Apparently, Microsoft released a patch to fix the vulnerability in June but it did not work the way it was supposed to and reminds unpatched to date.
December 24, 2020
Fashion marketplace giant 21 Buttons exposes millions of users’ data
According to researchers, the misconfigured AWS bucket is still exposed and 21 Buttons has not responded to them.
December 23, 2020