Google has released a security update for the Chrome browser that addresses close to a dozen vulnerabilities, including the fifth Chrome zero-day flaw exploited this year....
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, an authenticated attacker with Resource Administrator or Manager privileges can create or modify existing monitor objects in the Co...
edAlert is a new ransomware operation aiming to encrypt Windows and Linux VMWare ESXi servers on corporate networks using the NTRUEncrypt public-key encryption algorithm. The ransomware is named after a string in the ransom text...
A Remote Code Execution vulnerability has been reported in Zoho ManageEngine ADAudit Plus which could be exploited by an unauthenticated remote attacker to execute arbitrary code on the targeted system....
Black Basta a new ransomware is focused on Windows platform its new variants targeting ESXi virtual machines running on Linux servers that facilitates the attackers with encrypting multiple servers with one command are also developed. ...
A pair of vulnerabilities in the web control panel of IT monitoring system Icinga created a route for even unauthenticated attackers to run arbitrary PHP code and hijack systems...
Researchers have disclosed critical vulnerabilities in Extensis Portfolio, including a zero-day flaw that’s yet to be patched....
A zero-day cross-site scripting (XSS) vulnerability in Horde webmail client could allow an attacker to steal a victim’s emails and infiltrate their network, researchers warn....
Implementation flaws in Google Drive integrations created server-side request forgery (SSRF) vulnerabilities in a variety of applications, a security researcher has revealed....
The maintainers of APKLeaks have patched a critical vulnerability that could be exploited for the remote execution of arbitrary code....
Cisco has patched a pair of vulnerabilities in its telco-focused Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS software....
A server-side request forgery (SSRF) vulnerability in versions of VMWare authentication software could allow an attacker to obtain administrative JSON Web Tokens (JWT), researchers warn....
Despite being a known and well-documented vulnerability, web cache poisoning continues to crop up around the web....
HCL Digital Experience (DX), a platform for building and managing web portals, contained multiple vulnerabilities that could potentially lead to remote code execution (RCE), researchers claim....
A subdomain takeover vulnerability in a popular WordPress hosting platform could allow an attacker to deploy malicious code to a victim by impersonating a legitimate website, a security researcher claims....
The maintainers of popular Java logging library Apache Log4j have rushed out a patch for a critical vulnerability that could lead to remote code execution (RCE) in numerous applications....
Researchers have disclosed 13 vulnerabilities in the Nucleus TCP/IP stack, the worst of which can be used to remotely execute code....
Drupal, the widely used web content management system (CMS), has released security updates due to vulnerabilities in CKEditor, a third-party rich text editor bundled with Drupal....
Kaspersky published two advisories on Monday to warn customers about a vulnerability that can lead to unbootable systems and a phishing campaign involving messages sent from a Kaspersky email address....
Executive Summary Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited....
Vulnerabilities in a popular WordPress plugin Fastest Cache could allow an attacker to gain access to credentials and takeover an admin account....
Multiple security vulnerabilities in open source status page system “Cachet†could allow an attacker to execute arbitrary code and steal sensitive data, researchers have warned....
Multiple critical security vulnerabilities in two VMware network administration tools that could allow an attacker to have full access to an organization’s network have been patched....
A newly discovered side-channel attack targeting Google Chrome can allow an attacker to overcome the web browser’s security defences to retrieve sensitive information using a Spectre-style attack....
A critical vulnerability in a Cisco product designed to help service providers and enterprises deploy virtualized networks can allow unauthenticated actors to bypass authentication....
The LockBit ransomware-as-a-service (RaaS) gang has recently published the name and logo of a global business consulting firm with an insider track on some of the world’s biggest, most powerful companies....
A vulnerability has been reported in VMware Tools for Windows, VMRC for Windows and VMware App Volumes was software that could allow a remote attacker to escalate privileges on the targeted system....
Microsoft recently patched a vulnerability in Microsoft Teams, a business communication platform that has surged in popularity with the shift to a remote workforce......
Hackers are taking advantage of artificial intelligence technology to create links to help them get into any system. This is the technology that many cybersecurity companies use to combat hackers. ...
Attackers were able to impersonate legitimate devices during the Bluetooth pairing process because of inherent security weaknesses ......
Opera has publicly disclosed six serious vulnerabilities that were discovered in a security audit of Privoxy, the open source web proxy software....
A pair of zero-day WebKit vulnerabilities have been reported in the Apple MacOS Big Sur and Safari which could be exploited by a remote attacker to execute arbitrary code on the targeted system....
WhatsApp is found to have a vulnerability that can allow an attacker to suspend your account remotely using your phone number. ...
In the past few years, many of the new devices connected to the Internet have not been personal computers, but rather a variety of devices embedded with Internet connectivity and functions. ...
The three vulnerabilities associated with BleedingTooth can be found in CVE-2020- 12351, CVE-2020-12352, and CVE-2020-24490. Each of these vulnerabilities affects BlueZ, the official Linux Bluetooth protocol stack. ...
The Russia-linked hackers behind a widespread cyber-intrusion into U.S. corporate and government systems were able to access internal systems within Microsoft Corp. and view internal source code, used to build software products, the company said Thur...
Microsoft warned of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings and inject ads into search results pages. Users are redirected to fraudulent domains where they are tricked...
GravityRAT, a malware strain known for checking the CPU temperature of Windows computers to detect virtual machines or sandboxes, is now multi-platform spyware as it can now also be used to infect Android and macOS devices....
Attention Android users, Microsoft has found a new ransomware that is targeting Android smartphones and has issued an alert about it. According to reports, this ransomware is called MalLocker.B and is spreading to Android phones via online forums and...
In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes. The configuration of the VPN solutions is important to keep organizat...
Another day, another malware has become the talk of town. This time, you won’t even come to know of its existence within your Android smartphone. Experts are calling it the “StrandHoggâ€. According to them, this malware disguises itself in the f...
+91-7605081711,
+91-33-24156011
Registered office : 8/14 Sahid Nagar, Gr. Floor, Kolkata - 700078
Operation Center : Module 207, SDF Building, 1st Floor Salt Lake Electronics Complex, Block EP & GP, Sector V, Salt Lake, Kolkata 700091
sales@itorizin.in, connect@itorizin.in
