Proton Mail Vulnerabilities Would Allow Attackers to Steal Emails
A group of researchers unearthed critical code vulnerabilities in Proton Mail that could have jeopardized the security of the renowned privacy-focused webmail service.
These vulnerabilities posed a significant risk to the privacy and confidentiality...
Akira Ransomware Attacks Exploit Zero-Day Cisco ASA Vulnerability
In recent developments, reports have surfaced regarding the Akira ransomware threat actors targeting Cisco VPNs lacking multi-factor authentication (MFA).
This vulnerability, tracked as CVE-2023-20269, can potentially allow unauthorized access to VPN connections, raising concerns about...
HPE OneView Vulnerability Let Attacker Bypass Authentication
In the Hewlett Packard Enterprise OneView Software, three security flaws have been identified, which might be remotely exploited to allow authentication bypass, disclosure of sensitive information, and denial of service.
HPE OneView is an integrated IT...
Cacti Cross-Site-Scripting Vulnerability Let Attacker Poison Database
A Stored Cross-Site Scripting (Stored XSS) vulnerability was recently discovered in Cacti that allows an authenticated user to poison the data stored in Cacti's database.
Moreover, administrative accounts can view this poisoned data, and JS...
Samsung Issued Patches for Multiple Critical Security Flaws
Samsung Mobile has issued fixes to address several security flaws discovered in Galaxy phones and tablets.
In the September 2023 security patch, 62 bugs were fixed; Google provided 27 of these fixes, and Samsung issued 35...
Windows’s File History Service Flaw Let Attackers Escalate Privileges
A privilege escalation vulnerability was recently discovered that affects the Windows File History service and can be used by threat actors to gain escalated privileges on a Windows system.
This issue was reported to Microsoft, and...
Hackers Exploit Pre-Authentication RCE Vulnerabilities in Adobe ColdFusion
Adobe ColdFusion is a Java-based, commercial web app development platform using CFML for server-side programming.
ColdFusion is primarily known for its tag-based approach, which is unique. Besides this, it is also popular among developers for...
Vulnerability in IBM Security Verify Let Attacker Extract Sensitive Information
Multiple Information Disclosure vulnerabilities were discovered in the IBM Security Verify Information Queue, which can reveal several internal product details. This information can then be used to conduct further attacks.
IBM Security Verify Information Queue...
Threat and Vulnerability Roundup for the week of August 27th to September 2nd
We are glad to present the most recent news on cybersecurity in this week's Threat and Vulnerability Roundup from Cyber Writes.
The latest attack techniques, significant weaknesses, and exploits have all been highlighted. We also...
Junos OS Flaw Allows a Network-based Attacker to Launch DoS Attack
Junos OS and Junos OS Evolved have been found to be vulnerable to a DoS (Denial of Service) condition, which an unauthenticated, network-based attacker can exploit.
Juniper Networks has addressed this vulnerability on their...