Week in review: NASA server compromised, Microsoft and WordPress fix a bug, and Facebook feels another leak

Different organization had faced certain security issues previous week and common people had also suffered a lot due to those issues. Mentioning some of the highly identified security issues which affected the organization and people well as.

Employee Data Reveals in An Attack at NASA Server
The U.S. National Aeronautics and Space Administration – NASA has also been affected and faced immense security flaw in one of its servers which faced the threat through hack in October, along with different employee data was suffered as social security numbers, exposed to hackers. NASA affirms that it was alerting situation faced by the employees whose data may have been influenced in a evidence spread couple of days ago. An inquiry has been already took placed, but NASA says that the Social Security numbers and several personally noticeable information were reclaimed on the cracked server.

Microsoft Urges to Patch the 0-day Vulnerability in Internet Explorer
Another major threat affected Microsoft, who informed an out-of-band updates for its web browsing, Internet Explorer patches a zero-day flaw suffered by deadly hackers threat in targeted threats. Microsoft has acknowledged Clement Lecigne of Google’s Threat Analysis Group for reporting the vulnerability, but neither Google nor Microsoft have declared any data related the danger containing the bug. The security vulnerability is tracked as CVE-2018-8653 and it has been described as a remote code execution bug related to how the encrypting engine used by Internet Explorer carries off targets in memory.

API Vulnerability Revealed Images of 6.8 Million Users of Facebook
Facebook also faced a terror vulnerability which was exposed related to its Photo API. It could have allowed third-party apps to acquire access users images, even ones that were speculation to be sole. Its intrinsic team revealed a flaw in the Photo API according to the social media giant that impacted users who had employed Facebook credentials and allowed third-party apps to acquire access their photos. Applications that are offered access to photos are normally allowed to access specified images shared by the users on their timeline. However, due to this flaw, the developers could have got access to other photos as well, including ones shared on Facebook Marketplace or through any means likely stories or photos that were specifically uploaded to the social media service however not posted.

WordPress Fixes Privilege Escalation Bugs
Another threat of the week was the privilege advanced bugs in WordPress that RIPS Tech security analysts stated about the flaw. It was said that the hackers to get access properties that were average for administrators simply. An attacker with a user operation as low as communicator on WordPress, the free open-source Content Management System established on PHP and MySQL, could attempt the security flaws to create posts of post types they daily should not have get access to. WordPress figures out which action the user needs to accomplish when a user attempts to create or change a post, the post type the user is endeavoring to create, and whether they are allowed to use that post type. The early step is functioned by supporting a presently that can be changed from the page editor of the post sort in question.

Leave a Reply

Your email address will not be published. Required fields are marked *