What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-11-18 09:56:03 | Attackers using WhatsApp MP4 video files vulnerability can remotely execute code (lien direct) | The buffer overflow flow bug has been disclosed by Facebook. | Vulnerability | ||
|
2019-11-14 14:44:43 | Windows & Linux get options to disable Intel TSX to prevent Zombieload v2 attacks (lien direct) | Disclosure of new Zombieload v2 vulnerability prompts OS makers to react with ways to disable Intel's TSX technology. | Vulnerability | ||
|
2019-11-12 16:05:19 | McAfee antivirus software impacted by code execution vulnerability (lien direct) | The severe security flaw can bypass self-defense mechanisms. | Vulnerability | ||
|
2019-11-06 00:53:28 | Libarchive vulnerability can lead to code execution on Linux, FreeBSD, NetBSD (lien direct) | Bug discovered by Google. Impacts Linux and BSD distros, but not Windows and macOS. | Vulnerability | ||
|
2019-10-29 10:13:00 | Major vulnerability patched in the EU\'s eIDAS authentication system (lien direct) | Exclusive: Vulnerability would have allowed attackers to pose as any EU citizen or business. | Vulnerability | ||
|
2019-10-12 07:00:05 | Vulnerability found and fixed in HP bloatware (lien direct) | HP releases security update for HP Touchpoint Analytics app. Device owners advised to update. | Vulnerability | ★★★ | |
|
2019-10-07 09:25:04 | D-Link router remote code execution vulnerability will not be patched (lien direct) | The security issue won't be resolved, considering the age of the products. | Vulnerability | ||
|
2019-10-04 07:29:17 | Google finds Android zero-day impacting Pixel, Samsung, Huawei, Xiaomi devices (lien direct) | Vulnerability was patched in older Android OS versions, but resurfaced in newer releases. | Vulnerability | ★★★ | |
|
2019-10-03 10:45:45 | WhatsApp vulnerability exploited through malicious GIFs to hijack chat sessions (lien direct) | Personal files and messages are at risk in unpatched builds of the app. | Vulnerability | ★★ | |
|
2019-09-23 11:28:34 | Privilege escalation vulnerability patched in Forcepoint VPN for Windows (lien direct) | The bug could also be used post-exploit to circumvent PC defenses. | Vulnerability | ||
|
2019-09-19 09:59:11 | Patch now: 1,300 Harbor cloud registries open to attack (lien direct) | A severe critical privilege escalation vulnerability has been found in the open source registry software. | Vulnerability | ★★★ | |
|
2019-09-16 11:00:06 | Popular consumer and enterprise routers, IoT devices contain remote access vulnerabilities (lien direct) | A new study reveals vulnerability rates are not decreasing in our connected devices -- far from it. | Vulnerability | ||
|
2019-09-16 08:45:40 | LastPass bug leaks credentials from previous site (lien direct) | LastPass has released a fix last week. Vulnerability details are now public. Users advised to update. | Vulnerability | LastPass | |
|
2019-09-12 10:20:03 | Google discloses vulnerability in Chrome OS \'built-in security key\' feature (lien direct) | Security issue fixed in late June, with the release of Chrome OS 75. Additional remediation steps below. | Vulnerability | ||
|
2019-08-15 10:18:01 | Trend Micro fixes privilege escalation security flaw in Password Manager (lien direct) | The vulnerability could be used for privilege escalation and code execution attacks. | Vulnerability | ||
|
2019-08-13 18:02:03 | Vulnerability in Microsoft CTF protocol goes back to Windows XP (lien direct) | Insecure CTF protocol allows hackers to hijack any Windows app, escape sandboxes, get admin rights. | Vulnerability | ★★★★ | |
|
2019-08-13 12:32:01 | Steam vulnerability reportedly exposes Windows gamers to system hijacking (lien direct) | The researcher was asked not to disclose the bug but did so anyway. | Vulnerability | ||
|
2019-08-08 19:00:00 | Decade-old remote code execution bug found in phones used by Fortune 500 (lien direct) | The firmware vulnerability lurked undetected for ten years. | Vulnerability | ||
|
2019-08-06 11:05:00 | Unpatched KDE vulnerability disclosed on Twitter (lien direct) | Just viewing --not running-- a malicious .desktop or .directory file inside a file browser can run malicious code on a user's system. | Vulnerability | ||
|
2019-07-23 12:36:00 | Critical flaw in Palo Alto VPN solution impacts Uber, other enterprises may be at risk (lien direct) | Updated: The critical vulnerability exists in old, vulnerable versions of the software still in use by companies including Uber. | Vulnerability | Uber | |
|
2019-07-23 11:19:04 | Remote code execution vulnerability in VLC remains unpatched (lien direct) | The bug is present in VLC's latest release. | Vulnerability | ||
|
2019-07-19 21:04:00 | Hackers target 62 US colleges by exploiting ERP vulnerability (lien direct) | Attacks failed; however, the Department of Education is alerting colleges about ongoing exploitation attempts. | Vulnerability | ||
|
2019-07-05 10:47:05 | Tor Project to fix bug used for DDoS attacks on Onion sites for years (lien direct) | Tor vulnerability has been exploited for years and has been used for censorship, sabotage, and extortion of Onion sites. | Vulnerability | ||
|
2019-07-02 20:06:02 | US Cyber Command issues alert about hackers exploiting Outlook vulnerability (lien direct) | US Cyber Command shares links to new malware exploiting an Outlook bug patched in 2017. | Malware Vulnerability | ||
|
2019-06-30 16:25:04 | Bulgarian IT expert arrested after demoing vulnerability in kindergarten software (lien direct) | Vulnerability allowed him to download data of over 235,000 Bulgarian citizens. | Vulnerability | ||
|
2019-06-24 08:45:02 | User data stolen from \'human hacking\' forum Social Engineered, published on rival site (lien direct) | A vulnerability in MyBB has been blamed. | Vulnerability | ★★★★★ | |
|
2019-06-20 08:51:00 | Tor Browser 8.5.2 release patches critical Firefox vulnerability exploited in the wild (lien direct) | The release resolves a critical Mozilla Firefox vulnerability in active use. | Vulnerability | ||
|
2019-06-11 22:56:02 | Microsoft blocks BLE security keys with known pairing vulnerability (lien direct) | Windows security update will block pairing of certain weak BLE security keys at the OS level. | Vulnerability | ||
|
2019-06-09 14:45:05 | Microsoft warns about email spam campaign abusing Office vulnerability (lien direct) | Dangerous spam campaign targets European users with backdoor trojan. | Spam Vulnerability | ||
|
2019-06-05 21:07:02 | New RCE vulnerability impacts nearly half of the internet\'s email servers (lien direct) | Exim vulnerability lets attackers run commands as root on remote email servers. | Vulnerability | ★★★★★ | |
|
2019-05-15 18:12:01 | Google to replace faulty Titan security keys (lien direct) | Vulnerability in Bluetooth pairing protocol forces Google to replace Titan keys sold in the US. | Vulnerability | ||
|
2019-04-04 15:40:00 | Vulnerability found in Xiaomi phones\' pre-installed security app (lien direct) | Interactions between Avast and AVL SDKs spawned dangerous flaw on Xiaomi smartphones. | Vulnerability | ||
|
2019-04-04 12:17:00 | Researcher publishes Google Chrome exploit (lien direct) | Vulnerability patched in Chrome's V8 JavaScript engine, but the fix has not yet reached the Chrome stable branch. | Vulnerability | ||
|
2019-04-02 11:55:05 | Hackers reveal how to trick a Tesla into steering towards oncoming traffic (lien direct) | A root vulnerability and a few stickers were all it took. | Vulnerability | Tesla | |
|
2019-03-29 13:06:03 | Google security engineer discloses zero-day flaw in TP-Link smart home routers (lien direct) | The zero-day vulnerability was disclosed publicly after TP-Link failed to respond. | Vulnerability | ||
|
2019-03-27 10:25:00 | Nvidia patches code execution vulnerability in GeForce Experience (lien direct) | The severe security flaw can also lead to denial of service attacks and privilege escalation. | Vulnerability Guideline | ||
|
2019-03-22 10:42:03 | Critical flaw revealed in Facebook Fizz TLS project (lien direct) | The DoS vulnerability is trivially easy to trigger. | Vulnerability | ||
|
2019-03-20 13:00:00 | Google Photos vulnerability could have let hackers retrieve image metadata (lien direct) | Browser side-channel leaks are emerging as the next big threat for per-target stalking ops. | Vulnerability Threat | ||
|
2019-03-19 17:15:00 | Severe security bug found in popular PHP library for creating PDF files (lien direct) | Vulnerability patched last year, but many websites and web apps will most likely remain vulnerable for years. | Vulnerability | ||
|
2019-03-15 12:41:03 | \'100 unique exploits and counting\' for latest WinRAR security bug (lien direct) | As expected, the recent WinRAR vulnerability is now being abused en-masse by multiple threat actors. | Vulnerability Threat | ||
|
2019-03-12 16:23:00 | Vulnerability in Swiss e-voting system could have led to vote alterations (lien direct) | A fix has been deployed to Switzerland's e-voting system, slated to roll out later this year. | Vulnerability | ||
|
2019-03-04 13:06:02 | Google\'s Project Zero reveals zero-day macOS vulnerability to the public (lien direct) | The copy-on write vulnerability has not been patched. | Vulnerability | ||
|
2019-02-22 10:28:02 | Adobe sends out second fix for critical Reader data leak vulnerability (lien direct) | The original patch issued for the zero-day can be bypassed. | Vulnerability | ||
|
2019-02-13 01:33:05 | New macOS security flaw lets malicious apps steal your Safari browsing history (lien direct) | Vulnerability is not remotely exploitable. Users need to install a malicious app beforehand. Exploitation details have been shared privately with Apple's security team last week. | Vulnerability | ||
|
2019-02-12 22:37:04 | Dirty Sock vulnerability lets attackers gain root access on Linux systems (lien direct) | After Dirty COW caused headaches in 2016, now Linux sysadmins have to worry about Dirty Sock. | Vulnerability | ||
|
2019-02-12 09:34:05 | Micropatch released for Adobe Reader zero-day vulnerability (lien direct) | The 0patch fix temporarily patches a data-stealing exploit in Adobe Reader. | Vulnerability | ||
|
2019-02-11 21:10:03 | WordPress plugin flaw lets you take over entire sites (lien direct) | Vulnerability found in social sharing plugin named "Simple Social Buttons," installed on more than 40,000 WordPress sites. | Vulnerability | ||
|
2019-02-10 18:37:04 | Microsoft: Improved security features are delaying hackers from attacking Windows users (lien direct) | If a vulnerability is exploited, it is most likely going to be exploited as zero-day, or an old security bug for which users and companies have had enough time to patch. | Vulnerability | ||
|
2019-02-05 21:31:00 | Zcash cryptocurrency fixes infinite counterfeiting vulnerability (lien direct) | Zcash devs keep dangerous flaw secret for eight months while they prepare and ship a much-needed fix. | Vulnerability | ||
|
2019-01-30 09:27:03 | Severe vulnerability in Apple FaceTime found by Fortnite player (lien direct) | The teen's mother attempted to contact Apple with no success. | Vulnerability |
To see everything:
Our RSS (filtrered)
