Apple has released security updates for its devices after researchers identified a so-called “zero-click” exploit affecting its iMessage messaging service. The previously-unidentified vulnerability affects all of Apple’s current devices, including iPhones, iPads, Apple Watches and Mac computers, the researchers said, adding that Apple users should “immediately” update their devices. The exploit, named “FORCEDENTRY” by the University […]
Author Archives: CSIRT
The Windows Subsystem for Linux (WSL) is a companion feature released by Microsoft in 2016 to run a Linux image in a near-native environment on Windows, allowing administrators to use Linux command-line tools without using a virtual machine. This was a novel implementation, although doubts about its security began to arise immediately. While […]
Nearly 40 different models sold by 20 different brands. Millions of home Wi-Fi routers are under attack by botnet malware, just a week after a researcher put up a blog post showing how to exploit a vulnerability in the routers’ firmware. The researcher, Evan Grant, isn’t entirely at fault for this. He’s the one who found […]
A critical security vulnerability has been disclosed in HAProxy (https://en.wikipedia.org/wiki/HAProxy), a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary commands, effectively opening the door to an array of attacks. Tracked as CVE-2021-40346 (https://nvd.nist.gov/vuln/detail/CVE-2021-40346), […]
Two vulnerabilities in the site-building plugin could be useful tools in the hands of a skilled attacker, researchers warned. Two vulnerabilities have been found in the Gutenberg Template Library & Redux Framework plugin for WordPress, which is installed on more than 1 million websites. They could allow arbitrary plugin installation, post deletions and access to […]