Updates for QNAP’s network-attached storage (NAS) systems have been released to address a critical security flaw that might allow arbitrary code injection. Customers of QNAP are being advised to update their QTS and QuTS firmware in order to fix a critical security flaw. The security flaw is tracked as (CVE-2022-27596) and rated as “Critical” (CVSS […]
The post <strong>QNAP NAS Critical Vulnerability Let Attacker Inject Arbitrary Code</strong> appeared first on Cyber Security News.
The lack of rate-limiting in Instagram was discovered by Gtm Mänôz, a security researcher from Kathmandu, Nepal. This flaw could have allowed an attacker to bypass Facebook’s two-factor authentication by validating the targeted user’s…
In an effort to ensure the safety and security of its customers, Apple has taken the necessary steps to address a potentially dangerous vulnerability that has been marked as “Zero-Day” by releasing updates for older iPhone and iPad models. The vulnerability, tracked as CVE-2022-42856, originates from a type confusion weakness within the Webkit web browser […]
The post Warning! Apple Fixes Actively Exploited iOS Zero-Day on iPhones & iPads appeared first on Cyber Security News.
Silver is an open-source command-and-control framework that is becoming increasingly popular among malicious actors at current attacks. As threat actors are opting for this option since it offers a viable alternative to commercial tools such as:- Desig…
Mandiant recently reported that a group of hackers originating from China utilized a vulnerability within FortiOS SSL-VPN that had only recently been discovered, and marked as a zero-day exploit, in December. The hackers targeted both a governmen…
Cisco released fixes for Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition to address high-severity SQL injection vulnerability. “An attacker could exploit this vulnerability by authenticating to the appl…
