Broken Object Level Authorization Flaw in Coursera Platform Could Expose Users Data
Checkmarx security research team analyzed the security posture of the Coursera platform since “remote everything” became the norm. The access control issues are the most important concern of this platform. The report says the Coursera...
Critical Security Vulnerabilities in the Sage X3 ERP Platform Let Attackers Take Full Control...
Rapid7 researchers found four security vulnerabilities involving in the Sage X3 Enterprise Resource Planning (ERP) platform. The first two are protocol-related issues involving remote administration of Sage X3, and the latter two are web...
Windows Print Spooler RCE Zero-day (CVE-2021-34527) Let Hackers Take Over The Entire System Remotely
Microsoft has released an emergency update for remote code execution vulnerability in Windows Print Spooler. The flaw allows a remote authenticated attacker to attacker execute arbitrary code with SYSTEM privileges. By gaining access to the...
QNAP Critical Flaw let Attackers to Compromise Vulnerable NAS Devices’ Security
QNAP Systems, Inc. has resolved a critical vulnerability that could be exploited by attackers to compromise vulnerable NAS devices security. The security advisory published by the company says, “An improper access control vulnerability tracked as...
PoC Exploit For CVE-2021-1675 Flaw Published Online Let Attackers To Compromise Windows Systems
Proof-of-concept exploits code for CVE-2021-1675 flaw, unintentionally leaks for dangerous Windows PrintNightmare bug. The flaw impacts the Windows Print Spooler service that can allow a total compromise of Windows systems. Earlier this month, Microsoft addressed...
Critical Flaws In The Atlassian Project Let Attackers Take Over Control Of Accounts And...
Check Point Research (CPR) revealed critical vulnerabilities in the Atlassian project that allow attackers to take over control of accounts and Atlassian apps through single sign-on (SSO) capability. Atlassian develops products for software developers, project...
Critical Flaw With VMware Carbon Black App Control Let Attackers Bypass Authentication
Critical authentication bypass flaw with VMware Carbon Black App Control lets attackers obtain administrative access with any authentication. The vulnerability can be tracked as CVE-2021-21998 and obtained a maximum CVSSv3 base score of 9.4. Carbon...
Tricky WiFi Hotspot Name Breaks iPhone’s Wireless Functionality
iPhone bug 'breaks' your WiFi when you use an oddly named network. A new iPhone bug has been identified which crushes your iPhone's wireless functionality by connecting to a specific WiFi hotspot. Findings of the...
Instagram Bug let Anyone to View Archived Posts and Stories of Users Private Accounts
An Indian Hacker, Mayur Fartade from Maharashtra was able to spot malicious bugs on the Instagram app. This bug allows a malicious user to view targeted media on Instagram. It allowed anyone to view details...
Critical Flaws With Pre-installed Apps on Samsung Devices let Attackers Edit the victim’s Contacts,...
Security bugs found in the pre-installed apps on Samsung devices. Sergey Toshin, founder of mobile security startup ‘Oversecured’ discovered and reported multiple dangerous vulnerabilities. The critical vulnerabilities have allowed an attacker to access and edit...
