Vincy Davis

Security News – Packt Hub

Last week, Google notified its users that the ‘stable channel’ desktop Chrome browser is being updated to version 78.0.3904.87 for Windows, Mac, and Linux and will be rolled out in the coming weeks. This comes after some external researchers found two high severity vulnerabilities in the Chrome web browser. The ... Read More

Yesterday, Mozilla announced that a critical security vulnerability is present in the terminal multiplexer (tmux) integration feature in all the versions of iTerm2, the GPL-licensed terminal emulator for macOS. The security vulnerability was found by a sponsored security audit conducted by the Mozilla Open Source Support Program (MOSS) which delivers ... Read More

Last week, a potentially serious and unpatched security issue was revealed in the Kubernetes API server GitHub repository by StackRox. The security lapse was due to the parsing of a Kubernetes API server deployment called YAML (Yet Another Markup Language) which is used for specifying configuration-type information. This security issue ... Read More

Today, DoorDash revealed to its users that their platform suffered a major data breach on May 4, 2019, affecting approximately 4.9 million consumers, dashers, and merchants who joined the platform on or before April 5, 2018. When DoorDash became aware of the attack earlier this month they recruited private security ... Read More

On Monday, an anonymous researcher published a zero-day pre-authentication remote code execution vulnerability in vBulletin, which allows an attacker to remotely execute malicious shell commands on any vBulletin server running versions 5.0.0 up to 5.5.4. The vulnerability was disclosed on Full Disclosure, a public access mailing list. Yesterday, the vBulletin ... Read More

Three days ago, Emotet, a dangerous malware botnet was found sending malicious emails to many countries around the globe. The maligned email with Emotet’s signature was first spotted on the morning of September 18th in countries like Germany, the United Kingdom, Poland, Italy, and the U.S.A. by targeting their individuals, ... Read More

Two days ago, Intel disclosed a vulnerability in their 2011 released line of micro processors with Data Direct I/O Technology (DDIO) and Remote Direct Memory Access (RDMA) technologies. The vulnerability was found by a group of researchers from the Vrije Universiteit Amsterdam and ETH Zurich. The researchers have presented a ... Read More

Recently, a group of researchers exposed a severe vulnerability called Key Negotiation Of Bluetooth (KNOB) that allows an attacker to break the Bluetooth Basic Rate/Extended Data Rate (BR/EDR) security. The vulnerability allows the attacker to intercept, monitor, or manipulate encrypted Bluetooth traffic between two paired devices, without being detected. The ... Read More

Last year, the Cloud Native Computing Foundation (CNCF) initiated a process of conducting third-party security audits for its own projects. The aim of these security audits was to improve the overall security of the CNCF ecosystem. CoreDNS, Envoy and Prometheus are some of the CNCF projects which underwent these audits, ... Read More

Google’s long experience and success in, protecting itself against cyberattacks plays to our advantage as customers of the Google Cloud Platform (GCP). From years of warding off security threats, Google is well aware of the security implications of the cloud model. Thus, they provide a well-secured structure for their operational ... Read More