Facebook has now patched two high severity vulnerabilities in its server application that could allow the remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file. The vulnerabilities reside in HHVM.Since the affected HHVM server application is open-source and free then the both issues may also impact other websites that use HHVM including Wikipedia, Box and especially those which

Google unknowingly stored its G Suite users passwords in plain text on its servers that means any Google employee who has the permission to access  the servers could have read the passwords G Suite is a brand of cloud computing, productivity and collaboration tools, software and products developed by Google Google revealed that its G Suite platform mistakenly stored unhashed passwords due to a bug In a password recovery. Google also says that the plain text passwords were sto

One of the most advanced mobile spyware on the planet, the WhatsApp exploit installs Pegasus spyware on to Android and iOS devices. A buffer overflow vulnerability in WhatsApp VOIP stack allows remote attackers to run random code on target phones by sending a specially crafted series of SRTCP packets. The vulnerability, identified as CVE-2019-3568, can successfully be taken the advantage to install the spyware and steal data from a targeted Android phone or iPhone by making a

Cyber security experts have now founded a new malware attack linked to the notorious group DarkHydrus APT that uses Google Drive as its command-and-control server. They uses a backdoor Trojan, called RogueRobin, which infects victims computers by making them to open a Microsoft Excel document containing embedded VBA macros. Enabling the macro will drops a malicious text (.txt) file in the temporary directory and then it runs and then install the RogueRobin backdoor which is

A California based Voice-Over-IP (VoIP) services provider VOIPO has left tens GB of its customer data, containing millions of call logs, SMS, and system credentials, publicly that can be accessible to anyone without any permission. VOIPO is one of the most popular who provides the VoIP facility in US.Their unprotected database contains the phone numbers,all the SMS/MMS and certain internal credentials that exposed to the public.This is not the first time that a database cont

One of the most popular used OS-Windows 7 is going to be shutdown on January 14, 2020.After the date windows won't release any updates or security solution for Windows 7.But the Microsoft will give some of the exception to their important clients and companies.But many users including professionals are also still using Windows 7 and its death will cause them a many difficulties.However,if you are using windows 7 kindly upgrade your OS within 1 year. #internet #cybersecurity