1281 matches found
New Flaws in Top Antivirus Software Could Make Computers More Vulnerable
Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems. According to a report published by CyberArk research...
CVE-2020-6020
Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator...
CVE-2020-6020
Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator...
Input validation
Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator...
CVE-2020-6020
Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator...
CVE-2020-6020
CVE-2020-6020 affects Check Point Security Management’s Internal CA web management. The root cause is weak input validation on inputs by a trusted management administrator, allowing commands to be executed with high privileges or the system to crash. Affected versions are pre-R80.10 Take 278, pre...
Major Instagram App Bug Could've Given Hackers Remote Access to Your Phone
Ever wonder how hackers can hack your smartphone remotely? In a report shared with The Hacker News today, Check Point researchers disclosed details about a critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by...
Check Point Endpoint Security SandBlast Agent Installed (Windows)
Binary data checkpointendpointsecurityinstalled.nbin...
Qualcomm Bugs Open 40 Percent of Android Handsets to Attack
Six serious bugs in Qualcomm’s Snapdragon mobile chipset impact up to 40 percent of Android phones in use, according research released at the DEF CON Safe Mode security conference Friday. The flaws open up handsets made by Google, Samsung, LG, Xiaomi and OnePlus to DoS and escalation-of-privilege...
Check Point Response to CVE-2020-10713 - GRUB2 bootloader is vulnerable to buffer overflow
Symptoms - CVE-2020-10713 states: "The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled." For more information, refer to https://www.kb.cert.org/vuls/id/174059. Solution Gaia OS versions R81.10...
Exploit for Improper Input Validation in Microsoft
CVE-2020-1350 SIGRed Denial of Service PoC Exploit This repo...
Zoom Addresses Vanity URL Zero-Day
A previously undisclosed bug in Zoom’s customizable URL feature has been addressed that could have offered a hacker a perfect social-engineering avenue for stealing credentials or sensitive information. Disclosed by Zoom and Check Point on Thursday, the security flaw existed in the “Vanity URL”...
Exploit for Improper Input Validation in Microsoft
CVE-2020-1350 SIGRed - Windows DNS DoS Exploit Credits for...
Microsoft Tackles 123 Fixes for July Patch Tuesday
A critical DNS bug and a publicly known elevation-of-privilege flaw top Microsoft’s July Patch Tuesday list of 123 fixes. The DNS flaw is a remote code-execution bug and is touted as one of the most critical Windows vulnerabilities released this year, earning the highest-severity CVSS score of 10...
17-Year-Old Critical 'Wormable' RCE Vulnerability Impacts Windows DNS Servers
Cybersecurity researchers today disclosed a new highly critical "wormable" vulnerability—carrying a severity score of 10 out of 10 on the CVSS scale—affecting Windows Server versions 2003 to 2019. The 17-year-old remote code execution flaw CVE-2020-1350, dubbed 'SigRed' by Check Point, could allo...
Joker Malware Apps Once Again Bypass Google's Security to Spread via Play Store
Cybersecurity researchers took the wraps off yet another instance of Android malware hidden under the guise of legitimate applications to stealthily subscribe unsuspecting users for premium services without their knowledge. In a report published by Check Point research today, the malware —...
Check Point ZoneAlarm Insecure Directory Permissions Vulnerability
Check Point ZoneAlarm is a network firewall program from Check Point Israel. A security vulnerability exists in the ZoneAlarm service in Check Point ZoneAlarm that originates from the program failing to adequately validate a user-supplied symbolic link before performing a file operation. An...
Apache Guacamole Opens Door for Total Control of Remote Footprint
Apache Guacamole, a popular infrastructure for enabling remote working, is vulnerable to a slew of security bugs related to the Remote Desktop Protocol RDP, researchers have warned. Admins should update their systems to avoid attacks bent on stealing information or remote code-execution. “Once in...
Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking
A new research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely. The reported flaws could potentially let bad actors achieve full control ove...
Check Point ZoneAlarm Symlink Following Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ZoneAlarm...