Latest News
XSS is Most Rewarding Bug Bounty as CSRF is Revived
Cross-site scripting (XSS) is the most rewarding security vulnerability, according to data on the number of bug bounties paid. According
Beware!! Scammers use Google Calendar Notifications to steal the User’s Money and Identity
Scammers are abusing Google Calendar services to trick victims into giving away personal and financial information such as passwords,
Microsoft Fixes Four SandboxEscaper Zero-Days
Microsoft has released its latest monthly security updates and there are four fixes for zero-day threats published recently by SandboxEscaper.
FBI: Don’t Trust HTTPS or Padlock on Websites
The FBI has been forced to issue an alert warning users that the sight of “HTTPS” and a padlock icon
RAMBleed, a New Side-Channel Attack That Allows Stealing Sensitive Data
Security researchers disclosed the details of RAMBleed, a new type of side-channel attack on DRAM that can allow stealing sensitive
Code Signing Shortcomings Leave Gaps for Hackers
Only a little over a quarter (28%) of global organizations have a clearly defined security process in place for code
KnowBe4 Gets Whopping $300m in Funding
A private equity giant has invested an additional $300 million in cybersecurity awareness firm KnowBe4 only three months after announcing
Messaging Service Telegram Hit by a Powerful DDoS Attack
The secure messaging app Telegram was hit by a powerful DDoS attack, and users in the United States and other countries
Adobe Security Update fixes Critical Vulnerabilities in Flash Player, Campaign and ColdFusion
Adobe released security updates that fix a code execution vulnerability in Flash Player, Campaign and ColdFusion. The security updates for Windows,
Vulnerability in WordPress Live Chat Plugin Allows to Steal and Hijack Sessions
Security researchers at Alert Logic have discovered a vulnerability in the WordPress Live Chat plugin that could be exploited to
HaveIBeenPwned.com Open to Acquisition
Since its inception in 2013, the website HaveIBeenPwned.com (HIBP) has grown exponentially – to the point where it is no
Customs and Border Protection (CBP) Confirms Hack of a Subcontractor
Customs and Border Protection (CBP) revealed that photos of travelers and license plates collected at a single U.S. border point
FTSE 250+ Demonstrate Weak Security, but Low SMB Exposure
FTSE 250+ organizations leave an average of 35 servers and devices exposed to the open internet, while 231 have “weak
CVE-2019-2725 Oracle WebLogic Flaw Exploited in Cryptojacking Campaign
The CVE-2019-2725 vulnerability in Oracle WebLogic, recently addressed by the company, is being exploited in cryptojacking attacks, Trend Micro reports.
FBI Warns that Hackers use Secure HTTPS Websites to Trick Users and to Steal Sensitive Logins
The FBI issued a warning that threat actors use secure HTTPS websites to trick users and to acquire sensitive login
CVE-2019-12735 – Opening a Specially Crafted File in Vim or Neovim Editor Could Compromise Your Linux System
Bad news for Linux users: a flaw tracked as CVE-2019-12735 allows attackers to hack their systems by tricking them into opening