hardware
Researchers discover sensitive corporate data on decommissioned routers
Looking at configuration data, 56% of decommissioned routers disposed of and sold on the secondary market contained sensitive corporate data, according to ESET. Of the …
Security beyond software: The open source hardware security evolution
Mention IT security, and most people immediately think of software-based protections against software-based threats: ransomware, viruses, and other forms of malware. But …
Vulnerabilities impacting multiple QNAP operating systems (CVE-2022-27597, CVE-2022-27598)
Two vulnerabilities affecting various QNAP operating systems (CVE-2022-27597 and CVE-2022-27598) have been uncovered by Sternum. These vulnerabilities enable authenticated …
BEC scammers are after physical goods, the FBI warns
BEC attacks are usually aimed at stealing money or valuable information, but the FBI warns that BEC scammers are increasingly trying to get their hands on physical goods such …
Intel vPro platform unveils advanced security measures
Intel has launched the latest Intel vPro platform, which is powered by 13th Gen Intel Core processors and offers a broad range of features, including powerful security …
How to combat hardware Trojans by detecting microchip manipulations
Not only do security vulnerabilities lurk within software, but they can also be embedded directly into hardware, leaving technical applications open to widespread attack. For …
Samsung, Vivo, Google phones open to remote compromise without user interaction
Several vulnerabilities in Samsung’s Exynos chipsets may allow attackers to remotely compromise specific Samsung Galaxy, Vivo and Google Pixel mobile phones with no user …
Vulnerability in DJI drones may reveal pilot’s location
Serious security vulnerabilities have been identified in multiple DJI drones. These weaknesses had the potential to allow users to modify crucial drone identification details …
Business-grade routers compromised in low-key attack campaign
An unknown threat actor has discreetly compromised business-grade DrayTek routers in Europe, Latin and North America, equipping them with a remote access trojan (dubbed …
Cyber resilience in focus: EU act to set strict standards
With the EU Cyber Resilience Act (CRA), the industry is dealing with one of the strictest regulatory requirements. Manufacturers, importers and even distributors of products …
Admins, patch your Cisco enterprise security solutions! (CVE-2023-20032)
Cisco has released security updates for several of its enterprise security and networking products, fixing (among other things): A critical vulnerability (CVE-2023-20032) in …
XIoT vendors get serious about security, devote resources to protect cyber-physical systems
Cyber-physical system vulnerabilities disclosed in the second half (2H) of 2022 have declined by 14% since hitting a peak during 2H 2021, while vulnerabilities found by …