Search the Community
Showing results for tags 'exploited'.
mood posted a topic in Security & Privacy NewsRecently Patched Android Vulnerability Exploited in Attacks Google has warned Android users that a recently patched vulnerability has been exploited in attacks. The vulnerability in question, tracked as CVE-2020-11261, was patched by Google with the Android security updates released in January 2021. The vulnerability is a high-severity improper input validation issue affecting a display/graphics component from Qualcomm. The flaw was reported to Qualcomm through Google in July 2020 and it affects a long list of chipsets. In Qualcomm’s advisory, CV
mood posted a topic in Security & Privacy NewsNespresso smart cards can be exploited for unlimited coffee Let us imagine that your Nespresso smart card had no limit to how much coffee you can buy with it. A little too convenient, isn’t it? Except, a security researcher, Polle Vanhoof explains a vulnerability that actually makes this possible. The problem lies with the Nespresso Pro machines which have been equipped with a smart card reader whose smart cards are still relying on the MIFARE Classic chip. This is not exactly something that a company should overlook considering how secur
steven36 posted a topic in Security & Privacy NewsCybersecurity researchers have disclosed details about a new watering hole attack targeting the Korean diaspora that exploits vulnerabilities in web browsers such as Google Chrome and Internet Explorer to deploy malware for espionage purposes. Dubbed "Operation Earth Kitsune" by Trend Micro, the campaign involves the use of SLUB (for SLack and githUB) malware and two new backdoors — dneSpy and agfSpy — to exfiltrate system information and gain additional control of the compromised machine. The attacks were observed during the months of March, May, and Septe
Just one week after a previously patched vulnerability in Exim mail servers was disclosed by Qualys, attackers have begun searching out vulnerable Exim systems prompting the Cybersecurity and Infrastructure Security Agency (CISA) to encourage users to update their systems to the latest version. CISA reported the vulnerability CVE-2019-10149 was detected in exploits in the wild and highly recommends Exim users employ the update. The vulnerability affects versions 4.87 to 4.91 allows a local, or in some cases, a remote attacker to execv as root, with no memor