NIST discovers a Zero-Day vulnerability in Samsung’s FindMyMobile

NIST discovers a Zero-Day vulnerability in Samsung’s FindMyMobile

US National Institute of Standard and Technology (NIST) reported a Zero-day vulnerability in Samsung’s FindMyMobile web service. The Vulnerability codenamed (CVE-2014-8346) allows a hacker to remotely control a Samsung smartphone by triggering unexpected FindMyMobile traffic. The Popular FindMyMobile web service enables Samsung users to track their lost devices. Users can remotely execute commands such as …

Read moreNIST discovers a Zero-Day vulnerability in Samsung’s FindMyMobile

China Linked to the Zero-day attacks In Taiwan

China to Revamp its Cybersecurity Strategy

The Zero-Vulnerability is back haunt Microsoft, after an earlier patch failed to fix the bug. New reports indicate the vulnerability is being used to target to target the Taiwan entities allegedly by Chinese hackers. Microsoft had earlier warned of a Zero-vulnerability in all Windows Operating Systems expect for Window Server 2003, that could exploited by …

Read moreChina Linked to the Zero-day attacks In Taiwan

Microsoft Office PowerPoint Vulnerable to Zero-day Attack

Microsoft PowerPoint Zero-day Attack Vulnerable

Tech Giant Microsoft announced a new zero-day vulnerability that affects all versions of windows operating systems except Windows server 2003. According to an advisory issued by Microsoft, the vulnerability allows the hacker to gain full administrative rights to your system. The vulnerability codenamed CVE-2014-6352, is within the operating systems code for handling OLE (object Linking …

Read moreMicrosoft Office PowerPoint Vulnerable to Zero-day Attack

Authentication Vulnerability in PayPal Mobile API Exposes Millions of Users

Authentication Vulnerability in PayPal Mobile API Exposes

Researchers at Vulnerability Lab discovered an authentication restriction bypass in PayPal mobile API that could be exploited to access blocked accounts. The vulnerability lies in the authentication procedure for the PayPal web service. Normally, if a PayPal users enters a wrong password- Username combination several times as they try login into their account, PayPal temporarily …

Read moreAuthentication Vulnerability in PayPal Mobile API Exposes Millions of Users

All You Need to Know about The POODLE Bug

All You Need to Know about The POODLE Bug

Google researchers have discovered a serious vulnerability in SSL 3.0- a widely used web encryption technology- that could be exploited by cyber attackers to launch “Poodle” attacks over the internet. According to Google’s security expert Bodo Möller the “vulnerability allows the plaintext of secure connections to be calculated by a network attacker.” Technically, a Security …

Read moreAll You Need to Know about The POODLE Bug

All You Need Know About the ShellShock Bug

The shellshock bug has caused jitters in the security community this week. The bug which have been laying low for the last two decades, is a serious software vulnerability in UNIX-like operating systems. It is tricky to patch and very easy to manipulate. It could be easily used to compromise millions of severs and devices …

Read moreAll You Need Know About the ShellShock Bug