vulnerability
Word documents seemingly carrying videos can deliver malicious code instead
A feature that allows anyone to embed a video directly in a Word document can be easily misused to trick target users into downloading and running malware, Cymulate …
Vulnerable controllers could allow attackers to manipulate marine diesel engines
Researchers have found several authentication and encryption vulnerabilities in the firmware of marine diesel engine controllers by Norwegian company Auto-Maskin, as well as …
Researchers expose security vulnerabilities in terahertz data links
A new study shows that terahertz data links, which may play a role in ultra-high-speed wireless data networks of the future, aren’t as immune to eavesdropping as many …
PoC exploit for Windows Shell RCE released
Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited …
Juniper fixes 30+ vulnerabilities in its routing, switching devices
Juniper Networks has issued fixes for over thirty vulnerabilities affecting its routing, switching and security products running Junos OS. Critical issues fixed CVE-2018-0044 …
9 million Xiongmai cameras, DVRs wide open to attack
SEC Consult researchers have issued a warning about a handful of critical vulnerabilities they discovered in video surveillance equipment by Chinese manufacturer Hangzhou …
Apple fixes iOS 12 passcode bypass vulnerabilities
Apple has released security updates to address a number of vulnerabilities in iCloud for Windows and iOS, some of which can be exploited by attackers to take control of an …
The end of Google+: Low usage and an API bug that exposed user data
Google has announced that it will be closing down the consumer version of Google+, its failed answer to Facebook, and is introducing more granular Google Account permissions, …
MikroTik routers with default credentials can be easily compromised
If you own a MikroTik router and you haven’t updated its RouterOS in the last month, you should do so now: Tenable Research has released details about four …
Cisco plugs critical flaws in DNA Center and Prime Infrastructure
A new batch of vulnerabilities in various Cisco products has been fixed, three of which are critical. Cisco DNA Center vulnerabilities Two vulnerabilities affect Cisco Digital …
Regularly updating your wireless router is not enough to ward off attacks
Wireless routers are the most often attacked and exploited type of IoT device. They are also one of the rare IoT devices that most of us can’t do without. We need them …
Popular TP-Link wireless home router open to remote hijacking
By concatenating a known improper authentication flaw with a newly discovered CSRF vulnerability, remote unauthenticated attackers can obtain full control over TP-Link …