Password-stealing “vulnerability” reported in KeePass – bug or feature?
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
Vulnerability
Vulnerability in Cisco industrial appliances is a potential nightmare (CVE-2023-20076)
Cisco has released patches for a high-severity vulnerability (CVE-2023-20076) found in some of its industrial routers, gateways and enterprise wireless access points, which may allow attackers to insert malicious code that can’t be deleted by sim…
Facebook & Instagram Flaw Let Anyone Bypass Two-factor Authentication
The lack of rate-limiting in Instagram was discovered by Gtm Mänôz, a security researcher from Kathmandu, Nepal. This flaw could have allowed an attacker to bypass Facebook’s two-factor authentication by validating the targeted user’s…
GitHub code-signing certificates stolen (but will be revoked this week)
There was a breach, so the bad news isn’t great, but the good news isn’t too bad…
Critical QNAP NAS vulnerability fixed, update your device ASAP! (CVE-2022-27596)
QNAP Systems has fixed a critical vulnerability (CVE-2022-27596) affecting QNAP network-attached storage (NAS) devices, which could be exploited by remote attackers to inject malicious code into a vulnerable system. Luckily for QNAP NAS owners, there&#…
Serious Security: The Samba logon bug caused by outdated crypto
Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!
Serious 2FA Bypass Vulnerability Affected Facebook And Instagram
A researcher won a hefty bounty for reporting a severe two-factor authentication (2FA) bypass bug…
Serious 2FA Bypass Vulnerability Affected Facebook And Instagram on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testin…
Critical Realtek Vulnerability Impacting IoT Devices Worldwide
By Deeba Ahmed
This is a critical vulnerability affecting almost 190 models of devices from 66 different manufacturers.
This is a post from HackRead.com Read the original post: Critical Realtek Vulnerability Impacting IoT Devices Worldwide
Vulnerabilities in OpenEMR Healthcare Software Expose Patient Data
Vulnerabilities in open source health records management software OpenEMR could lead to patient data compromise, remote code execution (RCE).
The post Vulnerabilities in OpenEMR Healthcare Software Expose Patient Data appeared first on SecurityWeek.
Critical OpenEMR vulnerabilities may allow attackers to access patients’ health records
Critical vulnerabilities discovered in OpenEMR can be chained to gain code execution on a server running a vulnerable version of the popular open-source electronic health record system. Discovered, privately reported and now publicly documented by rese…