Remote code Execution Vulnerability in Microsoft SharePoint [CIVN-2020-0435]

https://www.cert-in.org.in/ Severity Rating: HIGH Software Affected : Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016 Overview : Multiple vulnerabilities exist in Microsoft SharePoint which could allow a remote attacker to execute arbitrary code on a targeted system. Description : These vulnerabilities exist due to improper input validation in Microsoft SharePoint. A remote attacker can send a specially crafted request and execute arbitrary code on the targeted system. Successful exploitation of these vulnerabilities may result in…

Read More

A device to hack your dreams

A wearable glove-like device that can “hack” and influence dreams, Team of MIT researchers is developing this device called “Dormio”. It senses the users slipping into hypnagogia which is the semi-lucid state between wakefulness and sleep. It plays prerecorded audio, typically comprising one word. The researchers have found that the audio content successfully showed up in people’s dreams. They have experimented with 50 people. The possibilities are endless to help cure traumatic memories or bad nightmares. However, if they move closer to commercialization there could be serious ethical concerns as…

Read More

Zoom Zero-Day Exploits Sold for $500,000

    Zoom popular video conferencing app has been in a huge controversy recently for sending data to Facebook along with encryption issues which allowed hackers to upload the Zoom recordings on Youtube. It has been rumored that the zoom account is being sold by hackers on the dark web There are two Zoom zero-day exploits one for Windows and one for Mac OS which is priced for $500,000. The major flaws in the app allow hackers to attack the user accounts and spy on their calls. Windows Zero-Day in…

Read More