HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack – Tempemail

A critical security vulnerability has been disclosed in HAProxy, a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary commands, effectively opening the door to an array of …

New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable – Tempemail

A set of new security vulnerabilities has been disclosed in commercial Bluetooth stacks that could enable an adversary to execute arbitrary code and, worse, crash the devices via denial-of-service (DoS) attacks. Collectively dubbed “BrakTooth” (referring to the Norwegian word “Brak” which translates to “crash”), the 16 security weaknesses span across …

India’s Koo, a Twitter-like Service, Found Vulnerable to Critical Worm Attacks – Tempemail

Koo, India’s homegrown Twitter clone, recently patched a serious security vulnerability that could have been exploited to execute arbitrary JavaScript code against hundreds of thousands of its users, spreading the attack across the platform. The vulnerability involves a stored cross-site scripting flaw (also known as persistent XSS) in Koo’s web …

ID for social media accounts will only put the most vulnerable at risk – Tempemail

The racist abuse suffered by England’s Black footballers has once again posed questions about how to tackle the problem. Everyone seems to have a solution. Most are poorly thought-out, and likely to do more harm than good. More than 600,000 of us have thrown our weight behind a petition launched …

Dozens of Vulnerable NuGet Packages Allow Attackers to Target .NET Platform – Tempemail

An analysis of off-the-shelf packages hosted on the NuGet repository has revealed 51 unique software components to be vulnerable to actively exploited, high-severity vulnerabilities, once again underscoring the threat posed by third-party dependencies to the software development process. In light of the growing number of cyber incidents that target the …

NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws – Tempemail

U.S. graphics chip specialist NVIDIA has released software updates to address a total of 26 vulnerabilities impacting its Jetson system-on-module (SOM) series that could be abused by adversaries to escalate privileges and even lead to denial-of-service and information disclosure. Tracked from CVE‑2021‑34372 through CVE‑2021‑34397, the flaws affect products Jetson TX1, …

Nearly All Wi-Fi Devices Are Vulnerable to New FragAttacks – Tempemail

Three design and multiple implementation flaws have been disclosed in the IEEE 802.11 technical standard that undergirds Wi-Fi, potentially enabling an adversary to take control over a system and plunder confidential data. Called FragAttacks (short for FRagmentation and AGgregation attacks), the weaknesses impact all Wi-Fi security protocols, from Wired Equivalent Privacy …

F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability – Tempemail

Cybersecurity researchers on Wednesday disclosed a new bypass vulnerability in the Kerberos Key Distribution Center (KDC) security feature impacting F5 Big-IP application delivery services. “The KDC Spoofing vulnerability allows an attacker to bypass the Kerberos authentication to Big-IP Access Policy Manager (APM), bypass security policies and gain unfettered access to …

FBI hacks vulnerable US computers to fix malicious malware | Hacking

The FBI has been hacking into the computers of US companies running insecure versions of Microsoft software in order to fix them, the US Department of Justice has announced. The operation, approved by a federal court, involved the FBI hacking into “hundreds” of vulnerable computers to remove malware placed there …

Popular Netop Remote Learning Software Found Vulnerable to Hacking – Tempemail

Cybersecurity researchers on Sunday disclosed several critical vulnerabilities in remote student monitoring software Netop Vision Pro that a malicious attacker could abuse to execute arbitrary code and take over Windows computers. “These findings allow for elevation of privileges and ultimately remote code execution which could be used by a malicious …