Chrome Extensions are a powerful means of adding functionality to the Chrome browser with features ranging from easier posting of content on social media to integrated developer tools. At the end of July and beginning of August, several Chrome Extensions were compromised after their author’s Google Account credentials were stolen via a phishing scheme. This resulted in hijacking of traffic and exposing users to potentially...
Read More
Description: Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for...
Read More
Description: Drupal 8.3.7 is a maintenance release which contain fixes for security vulnerabilities. Updating your existing Drupal 8 sites is strongly recommended. This release fixes security issues only; there are no new features nor non-security-related bug fixes in this release. Impact: A remote attacker could exploit one of these vulnerabilities to obtain or modify sensitive information. Mitigation: Updates are available. Please check specific vendor advisory for more...
Read More
World’s largest professional network LinkedIn That has more than 500 Million Registered users and LinkedIn messenger Platform Vulnerability Allows attackers spread Malware into victims by taking advantage of LinkedIn’s security restrictions Flow. LinkedIn messenger is the Mostly used Future Platform which helps to professional to Share their skills, Messenger easily send resumes, transfer academic research and share job descriptions from the LinkedIn community. Normally,LinkedIn security restrictions scan...
Read More
Description: Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. Impact: An attacker who successfully exploited the vulnerability could take control...
Read More
Description: Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Acrobat, Reader, Experience Manager, and Digital Editions. Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/flash-player/apsb17-23.html https://helpx.adobe.com/security/products/acrobat/apsb17-24.html https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html https://helpx.adobe.com/security/products/Digital-Editions/apsb17-27.html
Description: Microsoft releases security updates for August 17. This release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft SharePoint Adobe Flash Player Microsoft SQL Server Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/b3d96835-f651-e711-80dd-000d3a32fc99
The Department for Transport and the Centre for Protection of National Infrastructure (CPNI) created the recommendations so that organizations can use them to build safer, more secure cars as smart technology continues to evolve. Known collectively as “the key principles of vehicle cyber security for connected and automated vehicles,” the guidelines consist of eight security best practices that organizations in the automotive sector are expected...
Read More
Throughout the years, banks have expanded their services by offering an ever-evolving set of online capabilities. As a result, financial institutions have become an obvious target for cybercrime and have been quick to deploy various layers of protection to keep their customers safe. Many cybercriminals operate like startup companies, consistently evolving methodologies and tools, and then measuring their return on investment (ROI). With banks adapting...
Read More
The developer of a very popular Google Chrome extension has regained access over his tool after an unknown hacker had managed to hijack his developer account and push a malicious version that contained adware. The extension’s name is Web Developer, a tool developed by Chris Pederick, Director of Engineering at Bleacher Report. The extension overlays a popup with various debug tools that developers can use...
Read More
