Vulnerabilities (Page 232)

Critical Vulnerabilities in 3G/4G Modems

On: December 3, 2015

This report is the continuation of “#root via SMS”, a research made by the SCADA Strangelove team in 2014. It was devoted to telecommunications equipment vulnerabilities with modem flaws onlyRead More →

Advantech ICS Gear Still Vulnerable to Shellshock, Heartbleed

On: December 3, 2015

In: Vulnerabilities

Twice in the past year, security researchers have found and reported critical vulnerabilities in Modbus gateways built by Advantech that are used to connect serial devices in industrial control environmentsRead More →

Critical Medical Equipment Vulnerable to LDAP and SQL Injection Attacks

On: December 2, 2015

In: Vulnerabilities

Attackers can bypass authentication and access patient data. CERT/CC sounded the alarm on users of the Cardio Server ECG Management System, a broad-scope healthcare data management system used in many medicalRead More →

Tech support scams join forces with Nuclear EKs to distribute ransomware

On: December 2, 2015

In: Vulnerabilities

Apparently tech support scams never get old. But they have gotten more aggressive, according to a Symantec blog post penned by researcher Deepak Singh. “We’ve recently seen many instances where attackersRead More →

Multiple serious vulnerabilities in RSI Videofied’s alarm protocol

On: November 30, 2015

In: Vulnerabilities

RSI Videofied are a French company that produce a series of alarm panels that are fairly unique in the market. They are designed to be battery powered and send videosRead More →

Google Translate Website Affected by XSS Bug, Google Says It’s OK

On: November 28, 2015

In: Vulnerabilities

The bug is in the website’s “translate a document” feature.Madrid-based Francisco Javier Santiago Vazquez, a security auditor for Mnemo, has discovered a cross-site scripting (XSS) vulnerability in Google Translate’s interface.Read More →

VPN Vulnerability “Port Fail” Reveals User’s Real IP Address

On: November 27, 2015

In: Vulnerabilities

Attackers can unmask users hidden under a VPN connection. A vulnerability into how VPN providers deal with port forwarding exposes the real IP address of some users, say the network securityRead More →

VTS scans Android devices for publicly-known vulnerabilities

On: November 27, 2015

In: Vulnerabilities

Vulnerability Test Suite (VTS) is a free application for Android that scans devices running the operating system for publicly-disclosed vulnerabilities. Publicly-disclosed vulnerabilities remain a threat months or even years afterRead More →

United Airlines Slow to Patch Mobile App Vulnerability

On: November 25, 2015

In: Vulnerabilities

A vulnerability reported to United Airlines that could have been exploited to manipulate flight reservations and customer data sat unpatched for almost six months before it was fixed 10 daysRead More →

VMware Patches Pesky XXE Bug in Flex BlazeDS

On: November 21, 2015

In: Vulnerabilities

VMware has patched an information disclosure vulnerability affecting a number of its products that use Flex BlazeDS. The original vulnerability was discovered and disclosed in August by Matthias Kaiser ofRead More →

Vulnerabilities (Page 232)

Critical Vulnerabilities in 3G/4G Modems

Advantech ICS Gear Still Vulnerable to Shellshock, Heartbleed

Critical Medical Equipment Vulnerable to LDAP and SQL Injection Attacks

Tech support scams join forces with Nuclear EKs to distribute ransomware

Multiple serious vulnerabilities in RSI Videofied’s alarm protocol

Google Translate Website Affected by XSS Bug, Google Says It’s OK

VPN Vulnerability “Port Fail” Reveals User’s Real IP Address

VTS scans Android devices for publicly-known vulnerabilities

United Airlines Slow to Patch Mobile App Vulnerability

VMware Patches Pesky XXE Bug in Flex BlazeDS

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

MotW Bypassed: Zero Warning, Full Control – New WinRAR Flaw Silently Bypasses Windows Security

New Vulnerability in GCP Cloud Run Shows Why Least Privilege Isn’t Enough

Hackers Can Manipulate Your Heart Rate Monitor – Unbelievable Security Flaw!

FortiGate Firewalls Zero-Day Chaos: How Hackers Are Gaining Control of Firewalls Worldwide – Is Your Network at Risk?

How Hackers Can Hijack Your Device Without You Knowing – MediaTek’s RCE Flaw Explained

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

Five Techniques for Bypassing Microsoft SmartScreen and Smart App Control (SAC) to Run Malware in Windows

How Millions of Phishing Emails were Sent from Trusted Domains: EchoSpoofing Explained

How to implement Principle of Least Privilege(Cloud Security) in AWS, Azure, and GCP cloud

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

How Lynx Ransomware Extorts Millions from U.S. Companies

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]