/ Security News /

Security researchers have been warning of a new trick that cybercriminals are leveraging to hide their malicious code designed to re-introduce the infection to steal confidential information from Magento based online e-commerce websites. So, if you have already cleaned up your hacked Magento website, there are chances your website is still leaking login credentials and …

/ Security News /

Security researchers have been warning about a simple technique that cyber criminals and email scammers are using in the wild to bypass most AI-powered phishing detection mechanisms implemented by widely used email services and web security scanners. Dubbed ZeroFont, the technique involves inserting hidden words with a font size of zero within the actual content …

/ Security News /

A critical remote code execution vulnerability has been discovered in the popular Electron web application framework that could allow attackers to execute malicious code on victims’ computers. Electron is an open source app development framework that powers thousands of widely-used desktop applications including WhatsApp, Skype, Signal, WordPress, Slack, GitHub Desktop, Atom, Visual Studio Code, and …

/ Security News /

Since hackers have started exploiting two recently disclosed unpatched critical vulnerabilities found in GPON home routers, security researchers have now released an unofficial patch to help millions of affected users left vulnerable by their device manufacturer. Last week, researchers at vpnMentor disclosed details of—an authentication bypass (CVE-2018-10561) and a root-remote code execution vulnerability (CVE-2018-10562)—in many …

/ Security News /

Facebook Page admins are publicly displayed only if admins have chosen to feature their profiles. However, there are some situations where you might want to contact a Facebook page admin or want to find out who is the owner of a Facebook page.Egyptian security researcher Mohamed A. Baset has discovered a severe information disclosure vulnerability …

/ Security News /

Security researchers are warning of a new, easy-to-exploit email trick that could allow an attacker to turn a seemingly benign email into a malicious one after it has already been delivered to your email inbox. Dubbed Ropemaker (stands for Remotely Originated Post-delivery Email Manipulation Attacks Keeping Email Risky), the trick was uncovered by Francisco Ribeiro, …

/ Security News /

WikiLeaks’ dump of CIA spying programs has another victim: Cisco. The network hardware manufacturer’s switches have a security flaw that is easy to exploit, widespread, and currently unpatched. The hole, which is present in 318 different models of Cisco switches, is definitely a gaping one as well. It exploits the Cisco Cluster Management Protocol (CMP) …

/ Security Assessments News /

Cisco Systems said that more than 300 models of switches it sells contain a critical vulnerability that allows the CIA to use a simple command to remotely execute malicious code that takes full control of the devices. There currently is no fix. Cisco researchers said they discovered the vulnerability as they analyzed a cache of documents …