A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.
Tag Archives: remote code execution
Beware of an Unpatched Microsoft Word 0-Day Flaw being Exploited in the Wild
It’s 2017, and opening a simple MS Word file could compromise your system.
Security researchers are warning of a new in-the-wild attack that silently installs malware on fully-patched computers by exploiting a serious — and yet unpatched — zero-day vulnerability in all current versions of Microsoft Office on fully-patched PCs.
The Microsoft Office zero-day attack, uncovered by researchers
Apache Attack Traffic Dropping, Limited to Few Sources
While probes looking for vulnerable Apache Struts 2 deployments continue, malicious traffic has tapered off, researchers at Rapid7 said.
Attacks Heating Up Against Apache Struts 2 Vulnerability
Apache administrators are urged to immediately upgrade the Struts 2 web application framework to address a remote code execution flaw under public attack.
Critical Flaw in ESET Antivirus Exposes Mac Users to Remote Hacking
What could be more exciting for hackers than exploiting a vulnerability in a widely used software without having to struggle too much?
One such easy-to-exploit, but critical vulnerability has been discovered in ESET’s antivirus software that could allow any unauthenticated attackers to remotely execute arbitrary code with root privileges on a Mac system.
The critical security flaw, tracked
Updated Firmware Due for Serious TP-Link Router Vulnerabilities
A researcher disclosed vulnerabilities in TP-Link C2 and C20i routers that allow for remote code execution and denial-of-service attacks with authentication.
1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure
WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability.
Smile! Hackers Can Remotely Access Your Samsung SmartCam Security Cameras
It’s not necessary to break into your computer or smartphone to spy on you. Today all devices in our home are becoming more connected to networks than ever to make our lives easy.
But what’s worrisome is that these connected devices can be turned against us, anytime, due to lack of stringent security measures and insecure encryption mechanisms implemented in these Internet of Things (IoTs)
Microsoft Releases 4 Security Updates — Smallest Patch Tuesday Ever!
In Brief
Microsoft has issued its first Patch Tuesday for 2017, and it’s one of the smallest ever monthly patch releases for the company, with only four security updates to address vulnerabilities in its Windows operating system as well as Adobe Flash Player.
Meanwhile, Adobe has also released patches for more than three dozen security vulnerabilities in its Flash Player and Acrobat/Reader
Critical Updates — RCE Flaws Found in SwiftMailer, PhpMailer and ZendMail
A security researcher recently reported a critical vulnerability in one of the most popular open source PHP libraries used to send emails that allowed a remote attacker to execute arbitrary code in the context of the web server and compromise a web application.
Disclosed by Polish security researcher Dawid Golunski of Legal Hackers, the issue (CVE-2016-10033) in PHPMailer used by more than 9
