vulnerabilities

Zero-day privilege escalation disclosed for Android

Android, Biz & IT, exploits, privilege escalation, Technology NEWS, vulnerabilities, zeroday / Good To SEO

Researchers have disclosed a zero-day vulnerability in the Android operating system that gives a major boost to attackers who already have a toe-hold on an affected device. The privilege-escalation flaw is located in the V4L2 driver, which Android and other Linux-based OSes use to capture real-time video. The vulnerability results from a “lack of validating […]

Zero-day privilege escalation disclosed for Android Read More »

A glut of iOS 0-days pushes their price below cost of those for Android

Android, Biz & IT, exploits, iOS, iPhones, Technology NEWS, vulnerabilities / Good To SEO

For the first time ever, the security exploit broker Zerodium is paying a higher price for zero-day attacks that target Android than it pays for comparable attacks targeting iOS. An updated price list published Tuesday shows Zerodium will now pay $2.5 million apiece for “full chain (Zero-Click) with persistence” Android zero-days compared with $2 million

A glut of iOS 0-days pushes their price below cost of those for Android Read More »

iOS vulnerability that let you jailbreak your iPhone is once again dead

Apple, Biz & IT, exploits, iOS, iPads, iPhones, jailbreak, Technology NEWS, vulnerabilities / Good To SEO

The iOS vulnerability that made it possible for users and hackers to jailbreak fully up-to-date iPhones and iPads is no more, following an update Apple released on Monday that patches the highly unusual bug. The security advisory accompanying the release of iOS version 12.4.1 says it patches a kernel vulnerability that allows malicious apps to

iOS vulnerability that let you jailbreak your iPhone is once again dead Read More »

Hackers are actively trying to steal passwords from two widely used VPNs

Biz & IT, exploits, fortigate, pulse secure, Technology NEWS, virtual private networks, VPNs, vulnerabilities / Good To SEO

Hackers are actively unleashing attacks that attempt to steal encryption keys, passwords, and other sensitive data from servers that have failed to apply critical fixes for two widely used virtual private network (VPN) products, researchers said. The vulnerabilities can be exploited by sending unpatched servers Web requests that contain a special sequence of characters, researchers

Hackers are actively trying to steal passwords from two widely used VPNs Read More »

Valve says turning away researcher reporting Steam vulnerability was a mistake

Biz & IT, hackerone, researchers, Steam, Technology NEWS, Valve, vulnerabilities / Good To SEO

In an attempt to quell a controversy that has raised the ire of white-hat hackers, the maker of the Steam online game platform said on Thursday it made a mistake when it turned away a researcher who recently reported two separate vulnerabilities. In its statement, Valve Corporation references HackerOne, the reporting service that helps thousands

Valve says turning away researcher reporting Steam vulnerability was a mistake Read More »