.NET Core releases May 2019 updates
This month, during the Microsoft Build 2019, the team behind .NET Core announced that .NET Core 5 will be coming in 2020. Yesterday the team at .NET Core released the .NET Core May 2019 updates for 1.0.16, 1.1.14, 2.1.11 and 2.2.5. The updates include security, reliability fixes, and updated packages ... Read More
Facebook confessed another data breach; says it “unintentionally uploaded” 1.5 million email contacts without consent
This week, NATIONAL VULNERABILITY DATABASE (NVD) identified an integer overflow flaw in libssh2 before the release of version 1.8.1 which could lead to an out of bounds write. A remote attacker could take advantage of this flaw to compromise an SSH server and execute code on the client system when ... Read More
Mozilla developers have built BugBug which uses machine learning to triage Firefox bugs
Yesterday the team at Mozilla announced that the company is receiving hundreds of bug reports and feature requests from Firefox users on a daily basis. The team noted that it’s important to get the bugs fixed as soon as possible for the smooth functioning of the systems. Also, the developers ... Read More
Mozilla adds protection against fingerprinting and Cryptomining scripts in Firefox Nightly and Beta
Last year, the company announced about adopting an approach to anti-tracking considering user data privacy. The company listed a few key initiatives mitigating harmful practices like fingerprinting and cryptomining. Yesterday, Mozilla announced that it is adding a new feature to protect its users against threats and web annoyances in future ... Read More
Cisco merely blacklisted a curl instead of actually fixing the vulnerable code for RV320 and RV325
Last week, RedTeam Pentesting had discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. According to RedTeam Pentesting, the feature was inadequately patched by the vendor. On Saturday, Cisco acknowledged that it had mismanaged a patch which would give rise to a vulnerability ... Read More
IBM announces the launch of Blockchain World Wire, a global blockchain network for cross-border payments
Yesterday, IBM launched its Blockchain World Wire, a global blockchain network for cross-border payments that will make use of Stablecoin by U.S. dollars and cryptocurrency to make near real-time cross border financial transactions. It is based on distributed ledger technology (DLT) for regulated financial firms. IBM Blockchain World Wire is ... Read More
Cloudflare raises $150M with Franklin Templeton leading the latest round of funding
After a long break from fundraising, yesterday Cloudflare, a U.S. based company that provides content delivery network services, Internet security, etc, announced that it raised $150 million of funding. The company also announced the joining of Stan Meresman, board member and chair of the Audit Committee of Guardant Health (GH) ... Read More
ICANN calls for DNSSEC across unsecured domain names amidst increasing malicious activity in the DNS infrastructure
Last week, the Internet Corporation for Assigned Names and Numbers (ICANN) decided to call for the full deployment of the Domain Name System Security Extensions (DNSSEC) across all unsecured domain names. ICANN took this decision because of the increasing reports of malicious activity targeting the DNS infrastructure. According to ICANN, ... Read More
Fortnite just fixed a bug that let attackers to fully access user accounts, impersonate real players and buy V-Buck
Yesterday, Epic Games, the developer of Fortnite, an online video game acknowledged the existence of a bug in the game (Fortnite). This bug could let attackers access user accounts by impersonating as real gamers and purchase V-Buck, Fortnite’s in-game currency with credit cards. This bug could also eavesdrop on record ... Read More
35-year-old vulnerabilities in SCP client discovered by F-Secure researcher
Yesterday, Harry Sintonen, researcher at F-Secure, discovered 35-year-old vulnerabilities associated with SCP (Secure Copy Protocol) client, a network protocol, that uses Secure Shell (SSH) for data transfer between hosts on a network. These SCP clients are susceptible to a malicious SCP server, which could perform unauthorized changes to the target ... Read More