HackDig : Dig high-quality web security articles for hackers

IBM addressed flaws in Java Runtime, Planning Analytics Workspace, Kenexa LMS

IBM has released security patches to address high- and medium-severity vulnerabilities impacting some of its enterprise solutions.  IBM has released security updates to address several high- and medium-severity flaws affecting some of its enterprise products, including IBM Java Runtime, IBM Planning Analytics Workspace, and IBM Kenexa LMS On Premise. 
Publish At:2021-02-23 15:42 | Read:56 | Comments:0 | Tags:Breaking News Security buffer overflow DOS Hacking hacking n

DNSpooq bugs haunt dnsmasq

The research team at JSOF found seven vulnerabilities in dnsmasq and have dubbed them DNSpooq, collectively. Now, some of you may shrug and move on, probably because you haven’t heard of dnsmasq before. Well, before you go, you should know that dnsmasq is used in a wide variety of phones, routers, and other network devices, besides some Linux distribut
Publish At:2021-01-21 14:30 | Read:187 | Comments:0 | Tags:Exploits and vulnerabilities buffer overflow cve-2020-25681

Mozilla patches critical security issues in Firefox and Thunderbird

Mozilla has issued a critical patch for Firefox, Firefox ESR, and Thunderbird after a security issue was discovered at the Tianfu Cup 2020 International Cybersecurity Contest The security issue has been assigned CVE-2020-26950 which has the “reserved” status. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures
Publish At:2020-11-10 14:47 | Read:397 | Comments:0 | Tags:Exploits and vulnerabilities buffer overflow cve-2020-26950

Critical buffer overflow in CODESYS allows remote code execution

Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering control systems could be exploited by a remote, unauthenticated attacker to crash a server or execute arbi
Publish At:2020-03-28 12:22 | Read:1880 | Comments:0 | Tags:Breaking News Hacking ICS-SCADA buffer overflow CODESYS heap

Serious Security: Understanding how computers count

byPaul DucklinWe recently wrote up a fascinatingly scary warning about server hard drives that might abruptly and utterly fail.HPE warned its customers that a wide variety of its solid state disks (SSDs) needed an urgent firmware update to prevent them sailing over the edge of the earth into oblivion.The disks weren’t badly manufactured; they werenR
Publish At:2019-12-09 17:35 | Read:1495 | Comments:0 | Tags:Vulnerability buffer overflow Bug overflow serious security

Information and Communication Technology (ICT) Industry: Second-Most Attacked Sector in 2016

The information and communication technology (ICT) industry has evolved greatly over the last several decades. The interconnected nature of ICT devices and systems, along with modern society’s dependence on the technologies and services this sector provides, increases the risk of cyberattack. Furthermore, firms in this industry often act as a clearingh
Publish At:2017-07-10 21:30 | Read:5582 | Comments:0 | Tags:Industries Threat Intelligence X-Force Research Buffer Overf

Experts found a critical remote buffer overflow vulnerability in Skype

The security expert Benjamin Kunz-Mejri from security firm Vulnerability Lab discovered a remote zero-day stack buffer overflow vulnerability in Skype. The security expert Benjamin Kunz-Mejri from security firm Vulnerability Lab discovered a Skype zero-day stack buffer overflow vulnerability, tracked as CVE-2017-9948, that could be exploited by a remot
Publish At:2017-06-28 16:00 | Read:4355 | Comments:0 | Tags:Breaking News Hacking buffer overflow Skype Vulnerability

Cisco fixes a critical flaw in CISCO CVR100W Wireless-N VPN Small Business Routers

Cisco released a firmware update to fix a critical buffer overflow vulnerability in CISCO CVR100W Wireless-N VPN Small Business Routers. Cisco has released a firmware update to fix a critical vulnerability in its CVR100W Wireless-N VPN routers. The flaw, tracked as CVE-2017-3882, can be exploited by attackers to trigger a denial-of-service (DoS) condition an
Publish At:2017-05-06 15:50 | Read:4762 | Comments:0 | Tags:Breaking News Hacking buffer overflow CISCO CISCO CVR100W Wi

Download and install the last iOS 10.3.1, attackers can hack you over Wi-Fi

A critical flaw could be exploited by attackers within range to “execute arbitrary code on the Wi-Fi chip,” download and install last iOS 10.3.1 version. Last week, Apple released iOS 10.3, an important release of the popular operating system the fixed more than 100 bugs and implements security improvements. Apple opted to push an emergency p
Publish At:2017-04-05 19:25 | Read:4550 | Comments:0 | Tags:Breaking News Hacking Mobile Apple buffer overflow hacking W

Security updates fix critical vulnerabilities in Flash player and Shockwave player

Adobe patches vulnerabilities in Flash Player and Shockwave for Windows, Mac, Linux and Chrome OS. Adobe issued security updates for Flash Player and Shockwave Player products. The security updates released by the company on Tuesday address seven vulnerabilities in Flash Player and one flaw in Shockwave Player. The Flash Player 25.0.0.127 version fixes criti
Publish At:2017-03-15 06:55 | Read:4351 | Comments:0 | Tags:Breaking News Security Adobe buffer overflow Flash Player pr

Critical vulnerabilities open Symantec customers to remote hack

Symantec has fixed dozens of critical vulnerabilities affecting its solutions that can be exploited by remote attackers for arbitrary code execution. The popular Google Project Zero hacker Tavis Ormandy last month reported a number of critical security issues in Symantec solutions, and this is the good news. The bad news is that Symantec promptly fixed one o
Publish At:2016-06-29 13:30 | Read:3939 | Comments:0 | Tags:Breaking News Hacking buffer overflow Google integer overflo

A bug in the Symantec Antivirus Engine allows remote memory exploitation

The white hat hacker Tavis Ormandy has discovered a critical exploitable memory overflow bug in the core Symantec Antivirus Engine The popular white hat hacker Tavis Ormandy from the Google Project Zero has discovered a critical exploitable flaw (CVE-2016-2208) in the Symantec antivirus system. The expert discovered an exploitable memory overflow vulnerabili
Publish At:2016-05-17 22:35 | Read:4080 | Comments:0 | Tags:Breaking News Hacking Security antivirus buffer overflow rem

Extremely severe bug leaves dizzying number of software and devices vulnerable

Researchers have discovered a potentially catastrophic flaw in one of the Internet's core building blocks that leaves hundreds or thousands of apps and hardware devices vulnerable to attacks that can take complete control over them.Further ReadingHow security flaws work: The buffer overflowStarting with the 1988 Morris Worm, this flaw has bitten everyone fro
Publish At:2016-02-17 04:50 | Read:5400 | Comments:0 | Tags:Risk Assessment Technology Lab buffer overflow code executio

Million CISCO ASA Firewalls potentially vulnerable to attacks

A flaw in Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. It’s a bad period for IT manufacturers, recently the security community has discovered serious and anomalous  vulnerabilities affecting popular products like Juniper equipment and Fortinet Forti OS firewalls
Publish At:2016-02-12 02:05 | Read:4593 | Comments:0 | Tags:Breaking News Hacking buffer overflow CISCO ASA Firewall CVE

Three Buffer Overflow Vulnerabilities Patched by Yokogawa

Japanese electrical engineering and software company Yokogawa has patched three stack-based buffer overflow vulnerabilities in several of its products.According to an advisory published by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the bugs affect Yokogawa’s CENTUM series as well as Exaplog, PRM, STARDOM, and others.“
Publish At:2015-09-14 15:15 | Read:3549 | Comments:0 | Tags:Latest Security News buffer overflow denial of service SARA

Tools

Tag Cloud