Category: Vulnerabilities

A Severe Bug Present In WordPress Plugin Called Orbit Fox Serves Site Takeover

Two security vulnerabilities in Orbit Fox, a WordPress plugin (one a privilege-escalation flaw, the other a stored XSS bug), can enable bad actors to inject malicious code into any vulnerable website and take control of the site. WordPress plugin, Orbit Fox, is…

A New Github-hosted Malware Strain Abuses Github And Imgur

A new malware strain has been found that uses Word document files embedded with macros to download PowerShell scripts hosted on GitHub. The downloaded PowerShell script is then used to decrypt the Cobalt Strike script on Windows by downloading a genuine image file from Imgur, an image hosting service. A lot of researchers…

Windows 0-Day Bug, Poorly Patched, Now Unpatched, Reveals Google

Google’s Project Zero team has publicly disclosed a poorly patched security vulnerability in the Windows print spooler API. Attackers could take advantage of this bug to perform arbitrary code execution. The bug was disclosed to Microsoft in December 2019 by an unidentified user working with Trend Micro’s Zero Day…

Instagram Vulnerability Capable of Exploiting Smartphone by RCE, Now Fixed

Facebook patched a major vulnerability in Instagram that was serious enough to allow takeover of the whole smartphone. The issue was found in the Android application of Instagram. Check Point privately reported the issue to Facebook, the owner of Instagram; it was present in a third-party project, Mozjpeg. Mozjpeg is a third-party open source project utilized…

Exploitation of LAN vulnerability found in Firefox for Android

A newly discovered vulnerability in the SSDP engine of Firefox for Android can be exploited without any malicious link or website click and can launch applications without user permission, says Australia-based exploit researcher Chris Moberly. Recently, the Firefox application (v68.11.0 and below) for Android devices was found to be vulnerable because of faulty code that could…

New Unpatched Bluetooth Flaw

Bluetooth 4.2 and 5.0 devices supporting dual mode are vulnerable to key overwriting, say researchers at the École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University in independent research. Devices from the iPad Pro to the iPhone 11 run on these vulnerable Bluetooth versions. Cross-Transport Key Derivation (CTKD), which is responsible for authenticating keys when pairing two…

Invdos Bug That Could Have Crashed Bitcoin and Other Blockchain Nodes Finally Fixed After Two Years

A years-old vulnerability has finally been revealed to the public upon rediscovery, after being patched for two years. Javed Khan, a protocol engineer by profession, rediscovered the vulnerability during the Decred Bug Bounty program, an open program aimed at finding bugs in the software, which led to the vulnerability being disclosed to the world, which was rather kept…

New Research Revealed Flaw in Pin Verification System of EMV

A recent study by a group of researchers at ETH Zurich University has revealed severe flaws in the EMV protocol design that make it prone to many types of attacks. Although the security of EMV has been advertised, many attacks over the years have indicated otherwise. EMV is the international standard protocol for smart card…

File Manager WordPress Plugin Zero-Day Vulnerability Risked Thousands Of Websites

A new zero-day vulnerability was found by Wordfence in a WordPress plugin. The vulnerability existed in the File Manager plugin and allows unauthenticated attackers to execute arbitrary code on a WordPress site. WordPress is a popular website-building platform used by millions of users worldwide. The vulnerability has affected 70,000 active users of…

FBI and NSA expose new Linux Russian malware Drovorub

The Cold War started in 1947, leading to a nuclear arms race that might have ended in 1991, but the relations between the two world powers have never been friendly. The two nations never hesitate to trouble each other. But this time, the FBI has shown serious concerns regarding a Russian “wood cutter.” What is…