Browsing CategoryVulnerability

cPanel 2FA Bypass

Digital Defense, Inc., a leader in vulnerability and threat management solutions, announced that its Vulnerability Research Team (VRT) exposed a previously undisclosed vulnerability affecting the cPanel & WebHost Manager (WHM) web hosting platform. cPanel & WHM is a suite of tools built for Linux OS that enables hosting providers and users the ability to automate server management and […]

The post cPanel 2FA Bypass Exposes Tens of Millions of Websites to Hack appeared first on GBHackers On Security.

Telsa Flaw Let Attackers to Steal Vehicles in Minutes

90 seconds and $195 is all it takes to steal your brand new $100,000 Tesla Model X!! Computer Security and Industrial Cryptography (COSIC) Researchers from the University of Leuven, Belgium have discovered a few major security flaws in the keyless entry system of the Tesla Model X. Tesla Model S was also hacked by the […]

The post Telsa Flaw Let Attackers to Steal Vehicles in Minutes appeared first on GBHackers On Security.

Multiple Critical Flaws in Cisco Security Manager Let Attackers to Execute Remote Code

Cisco, this week, published an advisory, CVE-2020-27130, stating that a vulnerability was identified and resolved in Cisco Security Manager that could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is severe and has been scored 9.1 on the Common Vulnerability Scoring System (CVSS). Affected products and versions This vulnerability affects […]

The post Multiple Critical Flaws in Cisco Security Manager Let Attackers to Execute Remote Code appeared first on GBHackers On Security.

Chrome 87 Released with Improved Performance and Security Updates

Google has released Chrome 87 on November 17th, 2020, to the Stable desktop channel, and it includes numerous performance improvements, security fixes, and new features. With Chrome 87, 33 bug that affected previous version of the Chrome. Users are recommended to update with the latest stable version. With Chrome 87 now promoted to the Stable channel, Chrome […]

The post Chrome 87 Released with Improved Performance and Security Updates appeared first on GBHackers On Security.

WebLogic Servers Flaw

Attackers are found to be exploiting Oracle WebLogic Servers via CVE-2020–14882 to install Cobalt Strike which will allow persistent remote access to the compromised devices. Testing the vulnerability The latter half of last week saw a flurry of scans against Oracle’s WebLogic Server to check the vulnerability of CVE-2020-14882. It is important to note that […]

The post Hackers Attacking WebLogic Servers via CVE-2020–14882 Flaw to install Cobalt Strike Malware appeared first on GBHackers On Security.

Cisco AnyConnect VPN zero-day Vulnerability, Exploit Code Available

Cisco, the California based tech giant, has identified and disclosed a vulnerability via advisory CVE-2020-3556, regarding the InterProcess Communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software that would allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. Vulnerability The IPC channel of Cisco AnyConnect Secure Mobility […]

The post Cisco AnyConnect VPN zero-day Vulnerability, Exploit Code Available appeared first on GBHackers On Security.

Oracle Emergency Patch

IT giant Oracle, on 1st November 2020, issued a Security Alert Advisory, CVE-2020-14750, regarding a remote code execution vulnerability on Oracle WebLogic Server. Oracle WebLogic Server is a Java EE application server. The latest version being WebLogic Server 14c(14.1.1) released on March 30, 2020. Security Alert Advisory The Security Alert offers recommendations to the vulnerability […]

The post Oracle Issues Emergency Patch for Remote Code Execution Vulnerability in Oracle WebLogic Server appeared first on GBHackers On Security.