A new vulnerability(CVE-2019-14899) was discovered in Linux and Unix-like systems which allows an attacker in the adjacent network to inject data into the TCP stream and hijack connections. This vulnerability is known to work against OpenVPN, WireGuard, and IKEv2/IPSec, but the vulnerability impacts all VPN implementations. The tor browser seems to be unaffected by this […]

Read More →

EmbedThis GoAhead is a simple and compact embedded web server which can be used to efficiently host embedded web applications. GoAhead is a very popular web server and is known to have 1.3 million installations worldwide. A researcher from Cisco Talos discovered two security bugs in GoAhead Embedded Web Server. The two vulnerabilities are tracked […]

Read More →

Mozilla has released security updates for Firefox, Firefox ESR and Thunderbird. Eleven vulnerabilities were identified and fixed in Firefox and eight in Firefox ESR and Thunderbird each. The advisories have been ranked high in severity which indicates that the vulnerabilities can be used to gather sensitive data from sites in other windows or inject data […]

Read More →

Oracle’s E-Business Suite is a collection of enterprise resource planning (ERP), customer relationship management (CRM), and supply-chain management (SCM) computer applications. Reports indicate that over 21,000 global organizations use Oracle EBS. Two critical vulnerabilities (CVE-2019-2638, CVE-2019-2633) in Oracle EBS have turned around the face of security for businesses. These vulnerabilities (also known as ORACLE EBS […]

Read More →

Spearphishing is a key weapon for attackers these days. Spam emails with malicious decoy documents are a dime a dozen. The social engineering used to lure users into opening these mails is elaborate and is unique to every attacker. To break the news, an ongoing malicious campaign was found sending fake Windows Update emails to […]

Read More →

Does the name ZombieLoad ring a bell with you? A new variant of the infamous ZombieLoad attack is around. ZombieLoad v2 enables attack on Intel CPUs which are designed to be resistant against the previously discovered MDS attacks. Zombieload v2 even affects processors in the latest Intel Cascade Lake CPU family. This new vulnerability is […]

Read More →