Month: September 2020

Top Software Testing Services

Zerologon vulnerability

Zero logon Vulnerability: Instantly Become Domain Admin by Subverting Netlogon Cryptography

Zerologon is the name that was assigned to a vulnerability found in CVE-2020-1472. Due to the error in the log on method, it is called Zerologon, where the initialization vector (IV) is set to all zeros all the time, random numbers should still be an initialization vector (IV). An emergency advisory urging civilian federal agencies to take…
Read more

Instagram vulnerability

Instagram Vulnerability Capable of Exploiting Smartphone by RCE, Now Fixed

Facebook patched a major vulnerability in Instagram, which was large enough to take over the whole smartphone. The issue was found in the android application of Instagram. The issue privately told to Facebook, the owner of Instagram, by Check Point was present in a third party project Mozpeg.  Mozpeg is a third-party open source project utilized…
Read more

Researchers finds ongoing surveillance campaign from 2014 targeting Iranian expats and defectors

The history of Iranian cyber-offensive operations has shown that the same threat actors responsible for espionage against the private sector are engaged in surveillance of human rights defenders and are significantly more successful. The relationship between Iran-originated cyber activities and the government, as well as the motivations for such operations, is made more apparent by the lens…
Read more

German Ransom

A German Patient Dies After Ransomware Attack Paralyzes German Hospital Systems

In an unusual case, a German woman died of ransomware. German police have launched a homicide case against the hackers.  In a first of it is kind, a female patient from Dusseldorf, Germany, due to getting a life-saving treatment died as a result of a cyber-attack at Dusseldorf University Hospital which resulted in locking the…
Read more

firefox

Exploitation of LAN vulnerability found in Firefox for Android

New Vulnerability in SSDP engine of firefox for android discovered, can be exploited without any malicious links or website click and launch as applications without user permission, says Australian based exploit researcher Chris Moberly. Recently, firefox application(v 68.11.0 and below) for android devices was found to be vulnerable because of a faulty code that could…
Read more

According To a Recent Report 97% of Top Cybersecurity Companies Got Hacked in 2020

For today’s companies, data compromises are one of the top issues. With the estimated global cost of a single violation hovering at $3.62 million, these violations’ cost continues to rise. Network security is also hugely relevant for any company beyond the financial implications of a hack, since an attack will undermine your consumers’ faith. Indeed, within six…
Read more

New Unpatched Bluetooth Flaw

Bluetooth 4.2 and 5.0, supporting dual-mode are vulnerable to key overwriting, says the Researchers at the École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University in independent researches. The devices from iPad Pro to iPhone 11 run on these vulnerable Bluetooth versions. Cross Transport Key Derivation(CTKD), which is responsible to authenticate keys, when pairing two…
Read more

Small and mid business

Cybersecurity on the Front Seat for Small To Medium-Sized Businesses

With the rapid advancement in the cyber world, cyber threats are also becoming imperative. Cybersecurity has become one of the critical sectors that companies are investing in. The companies and businesses, irrespective of their scale of operation, are prone to the prevalent cyber threats today. The number and extent of attacks have seen a rise,…
Read more

INVDOS

Invdos Bug That Could Have Crashed Bitcoin and Other Blockchain Nodes Finally Fixed After Two Years

Years old vulnerability finally revealed to the public upon rediscovery after being patched for two years. A protocol engineer by profession, Javed Khan, rediscovered a vulnerability during the Decred Bug Bounty program, an open program aimed to find bugs in the software which led the vulnerability to be disclosed to the world, which was rather kept…
Read more

emvbug

New Research Revealed Flaw in Pin Verification System of EMV

A recent study by a group of researchers at ETH Zurich University has revealed severe flaws in the EVM protocol design that makes it prone to many types of attacks. Although the security for EMV has been advertised, many attacks over the years have indicated otherwise.  EMV is the international standard protocol for smart card…
Read more