vulnerability Archives - Page 22 of 24

Cybersecurity analytics and operations: Need for automation and orchestration

Issued by: Help Net Security

New research from Enterprise Strategy Group (ESG) shows that when it comes to the evolution of Cybersecurity Analytics and Operations, 71% of respondent organizations find it more difficult today than it was two years ago due to the changing threat landscape, followed by volume of alerts and increased regulatory changes. “Despite businesses making it a…

Vulnerabilities

New IoT malware targets 100,000 IP cameras via known flaw

Issued by: CSO

Over 100,000 internet-connected cameras may be falling prey to a new IoT malware that’s spreading through recently disclosed vulnerabilities in the products. The malware, called Persirai, has been found infecting Chinese-made wireless cameras since last month, security firm Trend Micro said on Tuesday. The malware does so by exploiting flaws in the cameras that a…

Malware & Threats

Dok Mac malware intercepts victims’ web traffic, installs backdoor

Issued by: Help Net Security

A new piece of Mac malware, more insidious and dangerous that all those encountered before, has been flung at European users via fake (but relatively convincing) emails. In examples uncovered by Check Point, the emails were made to look like they were sent from a tax agency, and ostensibly warn the recipients about inconsistencies in…

Vulnerabilities

Exploit revealed for remote root access vulnerability affecting many router models

Issued by: Help Net Security

Back in January 2013, researchers from application security services firm DefenseCode unearthed a remote root access vulnerability in the default installation of some Cisco Linksys (now Belkin) routers. The flaw was actually found in Broadcom’s UPnP implementation used in popular routers, and ultimately the researchers extended the list of vulnerable routers to encompass devices manufactured…

Application Security

Google Play faces cat and mouse game with sneaky Android malware

Issued by: CIO Security

What’s the best way to avoid Android malware? Downloading all your apps from the Google Play store — where software is vetted – is perhaps the best advice. But that doesn’t mean Google Play is perfect. Security researchers do find new Android malware lurking on Google’s official app store. That’s because hackers are coming up…

Network Security, Vulnerabilities

185,000+ vulnerable Wi-Fi cameras just waiting to be hijacked

Issued by: Help Net Security

A generic wireless camera manufactured by a Chinese company and sold around the world under different names and brands can be easily hijacked and/or roped into a botnet. The flaw that allows this to happen is found in a custom version of GoAhead, a lightweight embedded web server that has been fitted into the devices.

Vulnerabilities

Survey Finds Disconnect Between Security Strategy and Execution

Issued by: Dark Reading

Report from Intel Security and CSIS discovers 93% of businesses have cybersecurity strategies, but only 49% fully implement them.

Vulnerabilities

Multiple security flaws found in mainstream robotic technologies

Issued by: Help Net Security

IOActive exposed numerous vulnerabilities found in multiple home, business, and industrial robots available on the market today. The array of vulnerabilities identified in the systems evaluated included many graded as high or critical risk, leaving the robots highly susceptible to attack. Attackers could employ the issues found to maliciously spy via the robot’s microphone and…

Network Security

High Severity Flaw Patched in OpenSSL 1.1.0

Issued by: Security Week

A high severity denial-of-service (DoS) vulnerability was patched on Thursday in OpenSSL with the release of version 1.1.0e. The flaw, tracked as CVE-2017-3733, has been described as an “Encrypt-Then-Mac renegotiation crash.” The security hole, reported by Joe Orton of Red Hat on January 31, does not affect OpenSSL 1.0.2.