HackDig : Dig high-quality web security articles for hackers

Critical buffer overflow in CODESYS allows remote code execution

Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering control systems could be exploited by a remote, unauthenticated attacker to crash a server or execute arbi
Publish At:2020-03-28 12:22 | Read:1193 | Comments:0 | Tags:Breaking News Hacking ICS-SCADA buffer overflow CODESYS heap

Serious Security: Understanding how computers count

by Paul Ducklin. We recently wrote up a fascinatingly scary warning about server hard drives that might abruptly and utterly fail. HPE warned its customers that a wide variety of its solid state disks (SSDs) needed an urgent firmware update to prevent them sailing over the edge of the earth into oblivion. The disks weren’t badly manufactured; they weren’
Publish At:2019-12-09 17:35 | Read:1134 | Comments:0 | Tags:Vulnerability buffer overflow Bug overflow serious security

Information and Communication Technology (ICT) Industry: Second-Most Attacked Sector in 2016

The information and communication technology (ICT) industry has evolved greatly over the last several decades. The interconnected nature of ICT devices and systems, along with modern society’s dependence on the technologies and services this sector provides, increases the risk of cyberattack. Furthermore, firms in this industry often act as a clearingh
Publish At:2017-07-10 21:30 | Read:5180 | Comments:0 | Tags:Industries Threat Intelligence X-Force Research Buffer Overf

Experts found a critical remote buffer overflow vulnerability in Skype

The security expert Benjamin Kunz-Mejri from security firm Vulnerability Lab discovered a remote zero-day stack buffer overflow vulnerability in Skype. The security expert Benjamin Kunz-Mejri from security firm Vulnerability Lab discovered a Skype zero-day stack buffer overflow vulnerability, tracked as CVE-2017-9948, that could be exploited by a remot
Publish At:2017-06-28 16:00 | Read:3963 | Comments:0 | Tags:Breaking News Hacking buffer overflow Skype Vulnerability

Cisco fixes a critical flaw in CISCO CVR100W Wireless-N VPN Small Business Routers

Cisco released a firmware update to fix a critical buffer overflow vulnerability in CISCO CVR100W Wireless-N VPN Small Business Routers. Cisco has released a firmware update to fix a critical vulnerability in its CVR100W Wireless-N VPN routers. The flaw, tracked as CVE-2017-3882, can be exploited by attackers to trigger a denial-of-service (DoS) condition an
Publish At:2017-05-06 15:50 | Read:4290 | Comments:0 | Tags:Breaking News Hacking buffer overflow CISCO CISCO CVR100W Wi

Download and install the last iOS 10.3.1, attackers can hack you over Wi-Fi

A critical flaw could be exploited by attackers within range to “execute arbitrary code on the Wi-Fi chip,” download and install last iOS 10.3.1 version. Last week, Apple released iOS 10.3, an important release of the popular operating system that fixed more than 100 bugs and implements security improvements. Apple opted to push an emergency p
Publish At:2017-04-05 19:25 | Read:4175 | Comments:0 | Tags:Breaking News Hacking Mobile Apple buffer overflow hacking W

Security updates fix critical vulnerabilities in Flash player and Shockwave player

Adobe patches vulnerabilities in Flash Player and Shockwave for Windows, Mac, Linux and Chrome OS. Adobe issued security updates for Flash Player and Shockwave Player products. The security updates released by the company on Tuesday address seven vulnerabilities in Flash Player and one flaw in Shockwave Player. The Flash Player 25.0.0.127 version fixes criti
Publish At:2017-03-15 06:55 | Read:3905 | Comments:0 | Tags:Breaking News Security Adobe buffer overflow Flash Player pr

Critical vulnerabilities open Symantec customers to remote hack

Symantec has fixed dozens of critical vulnerabilities affecting its solutions that can be exploited by remote attackers for arbitrary code execution. The popular Google Project Zero hacker Tavis Ormandy last month reported a number of critical security issues in Symantec solutions, and this is the good news. The bad news is that Symantec promptly fixed one o
Publish At:2016-06-29 13:30 | Read:3593 | Comments:0 | Tags:Breaking News Hacking buffer overflow Google integer overflo

A bug in the Symantec Antivirus Engine allows remote memory exploitation

The white hat hacker Tavis Ormandy has discovered a critical exploitable memory overflow bug in the core Symantec Antivirus Engine. The popular white hat hacker Tavis Ormandy from the Google Project Zero has discovered a critical exploitable flaw (CVE-2016-2208) in the Symantec antivirus system. The expert discovered an exploitable memory overflow vulnerabili
Publish At:2016-05-17 22:35 | Read:3523 | Comments:0 | Tags:Breaking News Hacking Security antivirus buffer overflow rem

Extremely severe bug leaves dizzying number of software and devices vulnerable

Researchers have discovered a potentially catastrophic flaw in one of the Internet's core building blocks that leaves hundreds or thousands of apps and hardware devices vulnerable to attacks that can take complete control over them. Further Reading: How security flaws work: The buffer overflow. Starting with the 1988 Morris Worm, this flaw has bitten everyone fro
Publish At:2016-02-17 04:50 | Read:4798 | Comments:0 | Tags:Risk Assessment Technology Lab buffer overflow code executio

Million CISCO ASA Firewalls potentially vulnerable to attacks

A flaw in Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. It’s a bad period for IT manufacturers; recently the security community has discovered serious and anomalous vulnerabilities affecting popular products like Juniper equipment and Fortinet Forti OS firewalls
Publish At:2016-02-12 02:05 | Read:4241 | Comments:0 | Tags:Breaking News Hacking buffer overflow CISCO ASA Firewall CVE

Three Buffer Overflow Vulnerabilities Patched by Yokogawa

Japanese electrical engineering and software company Yokogawa has patched three stack-based buffer overflow vulnerabilities in several of its products. According to an advisory published by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the bugs affect Yokogawa’s CENTUM series as well as Exaplog, PRM, STARDOM, and others.“
Publish At:2015-09-14 15:15 | Read:3225 | Comments:0 | Tags:Latest Security News buffer overflow denial of service SARA

Stagefright Patch Incomplete Leaving Android Devices Still Exposed

Google today released to open source a new patch for the infamous Stagefright vulnerability found in 950 million Android devices after researchers at Exodus Intelligence discovered the original patch was incomplete and Android devices remain exposed to attack. “We’ve already sent the fix to our partners to protect users, and Nexus 4/5/6/7/9/10 and
Publish At:2015-08-14 03:45 | Read:4203 | Comments:0 | Tags:Black Hat Google Mobile Security Vulnerabilities Aaron Portn

Extremely serious virtual machine bug threatens cloud providers everywhere

There's an extremely critical bug in the Xen, KVM, and native QEMU virtual machine platforms and appliances that makes it possible for attackers to break out of protected guest environments and take full control of the operating system hosting them, security researchers warned Wednesday. The vulnerability is serious because it pierces a key protection tha
Publish At:2015-05-13 17:35 | Read:6274 | Comments:0 | Tags:Risk Assessment Technology Lab buffer overflow exploits kvm

Schneider Electric Patches Buffer Overflow in ICS Products

There is a remotely exploitable buffer overflow in a handful of software products from Schneider Electric that could allow an attacker to execute arbitrary code on vulnerable machines. The vulnerability lies in a DLL that’s installed with a Device Type Manager that is part of several Schneider products, including the Unity Pro development software, the
Publish At:2015-01-29 20:05 | Read:3103 | Comments:0 | Tags:Critical Infrastructure Vulnerabilities Web Security Buffer
