vulnerability
Self-encrypting SSDs vulnerable to encryption bypass attacks
Researchers have discovered security holes in the hardware encryption implementation of several solid state disks (SSDs) manufactured by Crucial (owned by Micron) and Samsung, …
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …
High risk vulnerability discovered in Sauter CASE Suite building automation software
Applied Risk researcher, Gjoko Krstic, has identified a security vulnerability in the Sauter CASE Suite, a software package used to handle building automation projects with …
Cisco security appliances under attack, still no patch available
A vulnerability (CVE-2018-15454) affecting a slew Cisco security appliances, modules and firewalls is being exploited in the wild to crash and reload the devices, the company …
Bleedingbit: Critical vulnerabilities in BLE chips expose millions of access points to attack
Armis today announced the discovery of two critical vulnerabilities in Bluetooth Low Energy (BLE) chips made by Texas Instruments (TI) and used in Cisco, Meraki and Aruba …
Word documents seemingly carrying videos can deliver malicious code instead
A feature that allows anyone to embed a video directly in a Word document can be easily misused to trick target users into downloading and running malware, Cymulate …
Vulnerable controllers could allow attackers to manipulate marine diesel engines
Researchers have found several authentication and encryption vulnerabilities in the firmware of marine diesel engine controllers by Norwegian company Auto-Maskin, as well as …
Researchers expose security vulnerabilities in terahertz data links
A new study shows that terahertz data links, which may play a role in ultra-high-speed wireless data networks of the future, aren’t as immune to eavesdropping as many …
PoC exploit for Windows Shell RCE released
Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited …
Juniper fixes 30+ vulnerabilities in its routing, switching devices
Juniper Networks has issued fixes for over thirty vulnerabilities affecting its routing, switching and security products running Junos OS. Critical issues fixed CVE-2018-0044 …
9 million Xiongmai cameras, DVRs wide open to attack
SEC Consult researchers have issued a warning about a handful of critical vulnerabilities they discovered in video surveillance equipment by Chinese manufacturer Hangzhou …
Apple fixes iOS 12 passcode bypass vulnerabilities
Apple has released security updates to address a number of vulnerabilities in iCloud for Windows and iOS, some of which can be exploited by attackers to take control of an …