The Hacker News

Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers)

According to Citrix, there are a total of 5 vulnerabilities affecting on-premise instances of XenMobile servers used in enterprises to manage all apps, devices, or platforms from one central location.

Researchers Discover Several Vulnerabilities in Zoom Linux Client to Compromise Systems

Zoom has addressed several security vulnerabilities, two of which affect its Linux client and could have allowed an attacker to access a compromised system and steal user data.

Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks

The root cause behind speculative execution attacks, such as Meltdown and Foreshadow, was misattributed to 'prefetching effect,' resulting in incomplete mitigations and countermeasures by vendors.

Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack

New research has identified four new variants of HTTP request smuggling attacks that work against various commercial off-the-shelf web servers and HTTP proxy servers.

Apple Touch ID Flaw Could Have Let Attackers Hijack iCloud Accounts

After the issue was reported to Apple through their responsible disclosure program, the iPhone maker addressed the vulnerability in a server-side update.

EU sanctions hackers from China, Russia, North Korea who're wanted by the FBI

The Council of the European Union has imposed its first-ever sanctions against persons or entities involved in various cyber-attacks targeting European citizens and its member states.

Industrial VPN Flaws Could Let Attackers Target Critical Infrastructures

According to Claroty researchers, successful exploitation of these vulnerabilities can give an unauthenticated attacker direct access to the ICS devices and potentially cause some physical damage.

OkCupid Dating App Flaws Could've Let Hackers Read Your Private Messages

Check Point said OkCupid's use of deep links could enable a bad actor to send a custom link defined in the app's manifest file to open a browser window with JavaScript enabled.

Undetectable Linux Malware Targeting Docker Servers With Exposed APIs

Dubbed 'Doki,' the new multi-threaded malware leverages an undocumented method for C2 communications, involving the Dogecoin cryptocurrency blockchain to generate unique C2 domain addresses.

Researchers Reveal New Security Flaw Affecting China's DJI Drones

Security experts found that the DJI Go 4 Android app not only asks for extensive permissions and collects personal data, but also uses anti-debug and encryption techniques to thwart security analysis.
