RSS ze světa hackingu


Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store. Simon Scannell, a researcher at RIPS Technologies GmbH, discovered an arbitrary file deletion vulnerability in the popular WooCommerce plugin that could allow a malicious or compromised privileged user to gain full control over the …

Datum: 7. 11. 2018

Flaws in Popular Self-Encrypting SSDs Let Attackers Decrypt Data

We all have something to hide, something to protect. But if you are also relying on self-encrypting drives for that, then you should read this news carefully. Security researchers have discovered multiple critical vulnerabilities in some of the popular self-encrypting solid state drives (SSD) that could allow an attacker to decrypt disk encryption and recover protected data without knowing the …

Datum: 6. 11. 2018

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled. The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other …

Datum: 4. 11. 2018

Accused CIA Leaker Faces New Charges of Leaking Information From Prison

Joshua Adam Schulte, a 30-year-old former CIA computer programmer who was indicted over four months ago for masterminding the largest leak of classified information in the agency's history, has now been issued three new charges. The news comes just hours after Schulte wrote a letter to the federal judge presiding over his case, accusing officials at Manhattan Metropolitan Correctional Center of …

Datum: 2. 11. 2018

Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks

Security researchers have unveiled details of two critical vulnerabilities in Bluetooth Low Energy (BLE) chips embedded in millions of access points and networking devices used by enterprises around the world. Dubbed BleedingBit, the set of two vulnerabilities could allow remote attackers to execute arbitrary code and take full control of vulnerable devices without authentication, including …

Datum: 1. 11. 2018

Apple's New MacBook Disconnects Microphone "Physically" When Lid is Closed

Apple introduces a new privacy feature for all new MacBooks that "at some extent" will prevent hackers and malicious applications from eavesdropping on your conversations. Apple's custom T2 security chip in the latest MacBooks includes a new hardware feature that physically disconnects the MacBook's built-in microphone whenever the user closes the lid, the company revealed yesterday at its …

Datum: 31. 10. 2018

New iPhone Passcode Bypass Found Hours After Apple Releases iOS 12.1

It's only been a few hours since Apple releases iOS 12.1 and an iPhone enthusiast has managed to find a passcode bypass hack, once again, that could allow anyone to see all contacts' private information on a locked iPhone. Jose Rodriguez, a Spanish security researcher, contacted The Hacker News and confirmed that he discovered an iPhone passcode bypass bug in the latest version of its iOS …

Datum: 30. 10. 2018

Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent

Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update (version 1809) that allowed Microsoft Store apps with extensive file system permission to access all files on users' computers without their consent. With Windows 10, Microsoft introduced a common platform, called Universal Windows Platform (UWP), that allows apps to run on any device running …

Datum: 30. 10. 2018

Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer

Cybersecurity researchers have revealed an unpatched logical flaw in Microsoft Office 2016 and older versions that could allow an attacker to embed malicious code inside a document file, tricking users into running malware onto their computers. Discovered by researchers at Cymulate, the bug abuses the 'Online Video' option in Word documents, a feature that allows users to embedded an online …

Datum: 30. 10. 2018

Signal Secure Messaging App Now Encrypts Sender's Identity As Well

Signal, the popular end-to-end encrypted messaging app, is planning to roll out a new feature that aims to hide the sender's identity from potential attackers trying to intercept the communication. Although messages send via secure messaging services, like Signal, WhatsApp, and Telegram, are fully end-to-end encrypted as they transmit across their servers, each message leaves behind some of …

Datum: 30. 10. 2018

Stránky: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144