Monthly Archives: January 2019

WordPress Plugin Impacted By Several Zero-Day Vulnerabilities

Wordfence security analysts reported that the total donations of commercial WordPress plugin is influenced by numerous Zero-Day flaws  that are being vigorously exploited in threats.

The crucial flaws influenced entire famous versions of the WordPress plugin, containing version 2.0.5, and permit harmful attackers to acquire administrative access to impact WordPress websites. Due to unavailability of response from the developers of the plugin, the clients are considered to entirely eliminate the plugin from their installations. Total Donations is aimed to make the online donations receiving easily and offers the choice to website owners for viewing the progress bars and handle the tasks and campaigns accordingly.

Continue reading

Remote Code Execution Flaw Strikes Linux Package Manager

A distant code execution flaw was freshly detected in APT, the high level package manager employed in different Linux arrangements. Trailed as CVE-2019-3462, the software vulnerability could be employed by attackers capable to carry through network Man-in-the-Middle threats to enclose content and have it implemented on the reference machine with base privileges. Harmful package reflects can merely effort the flaw. Continue reading

New Apple Fixes To Install, Plug ins Available For iPhone, iPad, iPod

Apple has released a handful of software fixes to state security flaw in macOS, iOS, and different peripherals. The circular updates contains a large number of patches for crucial vulnerabilities in FaceTime, WebKit, Mac and iThing kernels. The modification for iOS handhelds is invoiced as iOS 12.1.3. It utilizes to iPhone 5s and the newer versions, iPad Air, and iPod Touch 6th generation and newer devices. Continue reading

DarkHydrus Group Leverage Google Drive in Recent Threats

Palo Alto Networks security analysts state that the DarkHydrus danger group has added new practicality to the payloads employed in fresh threats and is also using Google Drive for Command and Control aims. Primarily information in the summer of 2018, when it was employing open-source tools in threats marking government institutions in the Middle East. The DarkHydrus group was also listing typo-squatting domains for technology or security vendors and using novel file sorts as anti-analysis methods.

Continue reading

Review on Last Week’s Security Vulnerabilities

A review over last week’s major security vulnerabilities are mentioned here for the readers so that they may get the opportunity to read them if anyone missed previously. Such vulnerabilities took place and have affected various companies in different ways. Ultimately, necessary steps were taken by the affected companies to resolve the sort of security vulnerabilities accordingly.

Continue reading

Discovered 773 Million Records in Enormous Data Violation

Troy Hunt, Australian web security professional reveals a recently noticed set of affected login data includes approximately 773 million email ids. The web security professional, who is a Microsoft Regional Director, has been keeping a data violation search website for years that permits users to confirm whether their email ids and passwords have been harmed in openly known data violations.

Continue reading