Vulnerabilities

Samsung Essential Patches 0-Click on Device Vulnerability

Samsung launched its May 2020 security update kit for Android smartphones this week, which includes a crucial vulnerability fix that has affected all of its devices since 2014. In addition to the patches in the Android Security Bulletin – May 2020, the handset maker’s patch updates 19 vulnerabilities unique to Samsung smartphones. The most prominent…

New GitHub Apps Help you Find Bugs and Secrets in the Code

GitHub revealed on Wednesday two new security features designed to help developers find bugs and hidden secrets in their code. At its Satellite Virtual Conference, the company unveiled many new products, including those designed to help customers write and access more safe code. Both additional security features, code scanning and hidden scanning, are currently available…

Beware of Fraudulent Microsoft Teams Alerts Designed to Steal Employees Passwords

A new phishing program aimed at stealing login credentials from workers by impersonating alerts from Microsoft Teams. As a result of the COVID-19 pandemic scenario, many businesses have switched to full-time remote work, with attackers taking advantage of it. Fake Microsoft Teams Alerts Attackers use crafted emails that tend to be automatic email updates coming…

Adobe Patches 22 The Bridge Vulnerabilities, Illustrator

Adobe revealed on Tuesday that the latest updates to its Bridge and Illustrator apps are patching 22 vulnerabilities, including those that have been rated critical. The update of Adobe Bridge 10.0.4 for Windows and MacOS has patched a total of 17 vulnerabilities. Critical flaws have been identified as stack-based buffer overflow, heap overflow, out-of-bound write,…

Tencent Partners for the Bug Bounty Scheme with HackerOne

HackerOne revealed on Tuesday that Chinese technology company Tencent’s bug bounty system is now available through its website. More than 600,000 hackers registered on HackerOne will enter Tencent’s bug bounty program in search of vulnerabilities in the company’s products. Tencent, on the other hand, would exploit the HackerOne network for bounty payments. The HackerOne group…

Wormable Windows SMBv3 RCE Vulnerability Patches Issued by Microsoft-More than 48000 hosts are vulnerable

Microsoft has patched a crucial Windows SMBv3 Client / Server remote code execution vulnerability that allows an attacker to remotely execute code. The bug can be monitored as CVE-2020-0796 and only Windows 10 and Windows Server 1903 are affected. This was mistakenly leaked as part of the March 2020 Patch update on Tuesday. SMBv3 RCE…

VMware Workstation vital flaw, Fusion Makes Host Code Execution

Three significant vulnerabilities have been patched in VMware products, including a crucial Workstation and Fusion bug that can be exploited to execute arbitrary host code from the guest operating system. The main fault, tracked as CVE-2020-3947, is caused by a bug in the vmnetdhcp portion after free usage. “The successful operation of this issue may…

Remote desktop contact manager Microsoft deprecates

This week Microsoft confirmed that the Remote Desktop Link Manager (RDCMan) has been deprecated due to security issues. The app has been around for decades and enables users to handle multiple remote desktop connections, but Microsoft has long invested in other solutions to provide remote desktop access to users. The technology giant urged users instead…

Intel’s Devices in 2019 Patched over 230 Vulnerabilities

According to the 2019 Software Security Study, Intel fixed more than 230 vulnerabilities in its products last year but under a dozen have affected its processors. Intel said in 2019, it learned about 236 vulnerabilities, 144 of which were internally found by its employees. Internally found problems included 61 percent of high-gravity weaknesses and 75…