Only a few hours after the Drupal team releases latest updates to fix a new remote code execution flaw in its content management system software, hackers have already started exploiting the vulnerability in the wild.
Announced yesterday, the newly discovered vulnerability (CVE-2018-7602) affects Drupal 7 and 8 core and allows remote attackers to achieve exactly same what previously discovered Drupalgeddon2 (CVE-2018-7600) flaw allowed—complete take over of affected websites.Read More
If you often leave your valuable and expensive stuff like laptop and passports in the hotel rooms, then beware. Your room can be unlocked by not only a malicious staff having access to the master key, but also by an outsider.
A critical design vulnerability in a popular and widely used electronic lock system can be exploited to unlock every locked room in a facility, leaving millions of hotel rooms around the world vulnerable to hackers.Read More
Damn! You have to update your Drupal websites.
Yes, of course once again—literally it’s the third time in last 30 days.
As notified in advance two days back, Drupal has now released new versions of its software to patch yet another critical remote code execution (RCE) vulnerability, affecting its Drupal 7 and 8 core.Read More
In a major hit against international cybercriminals, the Dutch police have taken down the world’s biggest DDoS-for-hire service that helped cyber criminals launch over 4 million attacks and arrested its administrators.
An operation led by the UK’s National Crime Agency (NCA) and the Dutch Police, dubbed “Power Off,” with the support of Europol and a dozen other law enforcement agencies, resulted in the arrest of 6 members of the group behind the “webstresser.org” website in Scotland, Croatia, Canada and Serbia on Tuesday.
With over 136,000 regiRead More
Security researchers have discovered three vulnerabilities in the Spring Development Framework, one of which is a critical remote code execution flaw that could allow remote attackers to execute arbitrary code against applications built with it.
Spring Framework is a popular, lightweight and an open source framework for developing Java-based enterprise applications.Read More
One of the biggest and most popular multi-antivirus scanning engine service has today launched a new Android sandbox service, dubbed VirusTotal Droidy, to help security researchers detect malicious apps based on behavioral analysis.
VirusTotal, owned by Google, is a free online service that allows anyone to upload files to check them for viruses against dozens of antivirus engines simultaneously.Read More
Facebook dropped another bombshell on its users by admitting that all of its 2.2 billion users should assume malicious third-party scrapers have compromised their public profile information.
On Wednesday, Facebook CEO Mark Zuckerberg revealed that “malicious actors” took advantage of “Search” tools on its platform to discover the identities and collect information on most of its 2 billion users worldwide.Read More
Blockchain technology has been around for some time now. It was first described in 1991 by Stuart Haber and W. Scott Stornetta, but wasn’t known mainstream until the technology was used in Bitcoin in 2008.
Blockchain is described as a public ledger for all transactions on a network. Due to it’s sequential nature the leger can be distributed between computer systems and permit anyone to validate the entries. This allows a consensus to be formed and ensures the integrity of the ledger.Read More
Whether you’re a developer, designer or a writer, a good text editor always help you save time and make you work more efficiently.
For example, I use Sublime a lot while programming because it includes some useful tools like ‘syntax highlighting’ and ‘autocomplete’ that every advanced text editor should have.Read More
The team of security researchers—who last month demonstrated how attackers could steal data from air-gapped computers protected inside a Faraday cage—are back with its new research showing how two (or more) air-gapped PCs placed in the same room can covertly exchange data via ultrasonic waves.
Air-gapped computers are believed to be the most secure setup wherein the systems remain isolated from the Internet and local networks, requiring physical access to access data via a USB flash drive or other removable media.Read More