HackDig : Dig high-quality web security articles for hacker

Google launched Google Play Security Reward bug bounty program to protect apps in Play Store

Google has launched Google Play Security Reward, the bug bounty program that will pay $1,000 rewards for flaws in popular apps. Google has officially launched a bug bounty program for Android apps on Google Play Store, a measure that aims to improve the security of Android apps. The initiative, called Google Play Security Reward, will involve the security c
Publish At:2017-10-22 06:06 | Read:227 | Comments:0 | Tags:Breaking News Hacking Mobile bug bounty program Google Googl

CVE-2017-12617 Code Execution flaw patched in Apache Tomcat

Several security vulnerabilities have been patched in recent weeks in Apache Tomcat, including the CVE-2017-12617 Code Execution vulnerability. Several security vulnerabilities have been patched in recent weeks in Apache Tomcat. The list of fixed flaws recently addressed also included code execution vulnerabilities. Apache Tomcat is the most widely used web
Publish At:2017-10-05 17:05 | Read:271 | Comments:0 | Tags:Breaking News Hacking Apache RCE Tomcat

CISCO addressed several critical IOS flaws that expose devices to remote attacks

Cisco has released security updates for its IOS Operating System to fix more than a dozen critical and high severity vulnerabilities. Cisco has released updates for its IOS software to fix more than a dozen critical and high severity vulnerabilities that could be exploited by attackers to remotely take over company’s switches and routers. Giving a close loo
Publish At:2017-09-28 18:26 | Read:238 | Comments:0 | Tags:Breaking News Hacking CISCO iOS RCE IOS

MAGENTO 2.0.16 and 2.1.9 security update fixes critical flaw in the platform

Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed also a critical remote code execution vulnerability. Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed numerous flaws, including a critical remote code execution vulnerability. The remote code execution flaw impacts content manag
Publish At:2017-09-17 05:40 | Read:322 | Comments:0 | Tags:Breaking News Hacking Magento RCE

September Patch Tuesday, patch your Windows now to avoid ugly surprises

Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities including Blueborne issue. Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities in almost any supported versions of Windows and other MS products. The batch includes secu
Publish At:2017-09-14 03:50 | Read:486 | Comments:0 | Tags:Breaking News Security Blueborn attack Hacking RCE September

Experts found an undocumented Kill Switch in Intel Management Engine

Security researchers at Positive Technologies have discovered an undocumented configuration setting that disables the Intel Management Engine. Security researchers at Positive Technologies have discovered an undocumented configuration setting that disables the CPU control mechanism Intel Management Engine 11. The Intel Management Engine consists of a microco
Publish At:2017-08-29 11:20 | Read:343 | Comments:0 | Tags:Breaking News Hacking CVE-2017-5689 Intel Intel Management E

Experts at ZDI reported two critical Zero-Day flaws in Foxit PDF Reader

Experts found two critical zero-day flaws in the Foxit PDF Reader that could be exploited by attackers to execute arbitrary code on a targeted computer Security researchers have discovered two critical zero-day vulnerabilities in the popular Foxit Reader application that could be exploited by attackers to execute arbitrary code on a targeted computer, if no
Publish At:2017-08-22 13:35 | Read:291 | Comments:0 | Tags:Breaking News Hacking Foxit PDF Reader RCE ZDI zero-Day

Expert exploited an unrestricted File Upload flaw in a PayPal Server to remotely execute code

The security researcher Vikas Anil Sharma exploited an unrestricted File Upload vulnerability in a PayPal Server to remotely execute code. The security researcher Vikas Anil Sharma has found a remote code execution vulnerability in a PayPal server. The expert was visiting the PayPal Bug Bounty page using the Burp software, below the response obtained opening
Publish At:2017-07-24 00:05 | Read:346 | Comments:0 | Tags:Breaking News Hacking hackig PayPal Server RCE unrestricted

SHELLBIND IoT malware targets NAS devices exploiting SambaCry flaw

The seven-year-old remote code execution vulnerability SambaCry was exploited by the SHELLBIND IoT malware to target NAS devices. A new strain of malware dubbed SHELLBIND exploits the recently patched CVE-2017-7494 Samba vulnerability in attacks against Internet of Things devices. SHELLBIND has infected most network-attached storage (NAS) appliances, it exp
Publish At:2017-07-19 09:10 | Read:476 | Comments:0 | Tags:Cyber Crime Internet of Things Malware CVE-2017-7494 Hacking

For the second time in the year, experts found a flaw in Cisco WebEx Extension

For the second time in a year, a highly critical remote code execution vulnerability was found in the Cisco WebEx Extension. For the second time in a year, a highly critical remote code execution vulnerability, tracked as CVE-2017-6753, was discovered in the Cisco Systems WebEx browser extension for Chrome and Firefox. The vulnerability could be exploited by
Publish At:2017-07-17 20:20 | Read:410 | Comments:0 | Tags:Breaking News Hacking CISCO CISCO WebEx RCE

Do you use Adobe Flash Player? You should update it now!

Adobe released new versions of Flash Player and Connect web conferencing software to fix important and critical vulnerabilities. According to the security advisory published by Adobe for Flash Player, the new version 26.0.0.137 patches three critical vulnerabilities, including a remote code execution flaw tracked as CVE-2017-3099 that can be exploited by att
Publish At:2017-07-14 00:15 | Read:628 | Comments:0 | Tags:Breaking News Hacking Adobe Connect Flash Player RCE XSS

OpenVPN fixed several remotely exploitable flaws that were not detected by recent audits

OpenVPN fixed several vulnerabilities that could be exploited by remote attackers, the flaws were not detected in a recent audit. Recently two distinct audits were conducted to discover security issues in the OpenVPN, many flaws were found but some vulnerabilities were not spotted by the experts. Four of the vulnerabilities in OpenVPN 2.4.2, were found by th
Publish At:2017-06-23 07:05 | Read:375 | Comments:0 | Tags:Breaking News Hacking OpenVPN RCE exploit

Microsoft patches two critical remote code execution (RCE) flaws that have been exploited in attacks

Microsoft released the June 2017 Patch Tuesday to address more than 90 security flaws, including two critical RCE that have been exploited in attacks. Microsoft released June Patch Tuesday updates that address more than 90 vulnerabilities, including two critical remote code execution (RCE) vulnerabilities that have been exploited in attacks. The first vulner
Publish At:2017-06-14 02:05 | Read:454 | Comments:0 | Tags:Breaking News Hacking Uncategorized critical remote code exe

SambaCry is reality, crooks are abusing CVE-2017-7494 to spread miners

Security experts from Kaspersky confirmed that threat actors in the wild are exploiting the SambaCry vulnerability CVE-2017-7494 to spread a miner. At the end of May, a seven-year-old remote code execution vulnerability affecting all versions of the Samba software since 3.5.0 was patched by the development team of the project. An attacker can exploit the CV
Publish At:2017-06-11 00:25 | Read:491 | Comments:0 | Tags:Breaking News Hacking CVE-2017-7494 RCE Remote Code Executio

CVE-2017-7494 Samba vulnerability, patch your installation now!

A seven-year-old remote code execution vulnerability, tracked as CVE-2017-7494, affects all versions of the Samba software since 3.5.0. A seven-year-old remote code execution vulnerability affects all versions of the Samba software since 3.5.0. The flaw has been patched by the development team of the project. An attacker can exploit the CVE-2017-7494 RCE to
Publish At:2017-05-25 14:40 | Read:798 | Comments:0 | Tags:Breaking News Hacking CVE-2017-7494 RCE Remote Code Executio

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud