Categories Vulnerability

15 posts

Auto Added by WPeMatico

WhatsApp confirms vulnerability in its app after report of spyware attack

WhatsApp vulnerability allowed hackers to snoop on users’ calls and messages via spyware Facebook-owned WhatsApp recently confirmed vulnerability in its app that allowed attackers to install malicious spyware that could have been used for surveillance on phone calls made over the app without users’ knowledge. The vulnerability, which was first reported […]

Windows Zero-Day Vulnerability Allow Hackers To Take Complete Control Over PC

Microsoft patch zero-day vulnerability discovered by Kaspersky Labs Microsoft last week released a patch for a Windows zero-day vulnerability that could allow hackers to take full control over a targeted device. Kaspersky Lab researchers, Vasily Berdnikov and Boris Larin, who discovered the zero-day vulnerability last month reported the vulnerability to […]

150 million Xiaomi smartphones has pre-installed app that put it at security risk

Security researcher finds pre-installed apps on 150 million Xiaomi phones vulnerable to attacks Check Point researcher Slava Makkaveev discovered a vulnerability that comes as a part of Xiaomi’s pre-installed security and non-removable app ‘Guard Provider’, which ironically is meant to protect the phone from malware. “This vulnerability discovered in Xiaomi’s […]

Vulnerability in Skype app for Android allows access to phone data without a passcode

Design flaw in the Android version of Skype app allows you to unlock the phone without a password A bug hunter has discovered a vulnerability in Microsoft’s Android version of Skype app that can be exploited to access several app functions without entering passcode authentication to unlock the phone. Kosovo-based bug-hunter […]

iPhone Passcode Bypass Hack Exposes Contacts And Photos

Flaw in Apple’s iOS 12 allows an attacker to access contacts and photos in iPhone XS model A passcode bypass vulnerability has been discovered in Apple’s new iOS version 12 that could allow an attacker to access photos and contact details on a locked iPhone XS as well as other […]

iTunes’ Wi-Fi Sync Feature Vulnerable To Trustjacking Attack

iOS Trustjacking Attack Allows Hackers To Hack iPhone, iPad Security experts at Symantec have discovered a flaw that if exploited would allow attackers to compromise iOS devices without the owner’s knowledge. The latest iOS attack dubbed as “Trustjacking” exploits a vulnerability in iTunes Wi-Fi Sync, a feature that allows iOS […]

15-Year-Old Finds Vulnerability In Ledger Cryptocurrency Wallet

Ledger’s Nano S Cryptocurrency Wallet Hacked By A 15-Year-Old Teenager Saleem Rashid, a 15-year-old security researcher living in the UK, has discovered a serious vulnerability in Ledger’s hardware crypto-wallets. Ledger, is a French-based company that is famous for their “tamper-proof” hardware wallets made for physical safekeeping of public and private keys used to […]

Google discloses ‘high-severity’ exploit in Windows 10 before it’s patched

Google reveals unpatched security vulnerability in Microsoft’s Edge browser Google’s Project Zero team of security researchers disclosed a “high-severity” vulnerability it found in Microsoft’s Edge browser after the company failed to patch it within the allotted time of 90 days. The vulnerability can allow an attacker to gain administrator privileges if […]

Hunting Insecure Direct Object Reference Vulnerabilities for Fun and Profit (PART-1)

Hello Guys!! This is my first Blog post and i am starting with IDOR Vulnerability. In this Post you will know about many endpoints to test IDOR vulnerability! Hope you will like it. Arbaz Hussain get invitation to test one private program and find vulnerabilities with his team mates but he […]

Web Application Firewall (WAF) Evasion Techniques #2

String concatenation in a Remote Command Execution payload makes you able to bypass firewall rules (Sucuri, ModSecurity) In the and ModSecurity. Probably, reading this code, you’ll think that it’s too much stupid and simple and that no one uses curl inside a system() function instead of using the PHP curl […]