The next step after hackers discover a vulnerability is to exploit it, meaning that they would use pieces of software, chunks of data, sequences of commands, or open-source exploit kits to take advantage of the vulnerability for malicious purposes. By exploiting vulnerabilities, hackers intend to gain control over a system, escalate privileges, launch Denial-of-Service (DoS) attacks, etc.

Hardware security keys under the attack

Hardware security keys under the attack, Google titan security in question

While too many people still don’t know anything about Hardware security keys, such as those from Google and Yubico, Companies are trying to introduce them as the most secure hardware ever. Although these tools are highly resistant to phishing and takeover attacks, the new attacks could let hackers Clone Hardware security keys. An electromagnetic side-channel…

IBM Logo

Researcher Discloses 4 Zero-Day Vulnerabilities in IBM Data Risk Manager

A cybersecurity researcher disclosed four zero-day vulnerabilities in IBM’s enterprise security software after the company refused to fix the issues and acknowledge the private disclosure report. The vulnerabilities affect the IBM Data Risk Manager software ― a tool that provides companies with “a business-consumable data risk control center that helps to uncover, analyze, and visualize data-related business…

dark nexus

Dark Nexus, a new IoT botnet spotted in the wild

Cybersecurity researchers have discovered a new IoT botnet, tracked as Dark Nexus. The new botnet can be used to launch distributed denial-of-service (DDoS) attacks. Dark nexus has compromised hundreds of IoT devices, including routers from Dasan Zhone, Dlink, and ASUS, video recorders, and thermal cameras. Researchers from cybersecurity firm Bitdefender said in a post that the new…

Wormable Vulnerability Found In Windows

Wormable Vulnerability Found In Windows, No Patch Available

Shortly after releasing its monthly security update, Microsoft separately issued an advisory warning billions of its Windows users of a new critical, unpatched, and wormable vulnerability affecting Microsoft Server Message Block (SMB) protocol. The issue, tracked as CVE-2020-0796, is pre- remote code execution vulnerability that resides in the Server Message Block 3.0 (SMBv3) network communication protocol. Microsoft did…