Researchers have discovered a vulnerability in the remote procedure calls (RPC) for the Windows Server service, which could allow an attacker to gain control over the domain controller (DC) in a specific network configuration and execute remote code. Malicious actors could also exploit the vulnerability to modify a server’s certificate mapping to perform server spoofing….

Acquired by Belden earlier this year, NetModule provides IIoT and industrial routers, vehicle routers, and other types of wireless M2M connectivity products. All of NetModule’s routers run the Linux-based NRSW by default, and can be managed remotely using a remote management platform. According to Flashpoint, its researchers recently identified two critical flaws in NetModule’s router…

With this August patch Tuesday Microsoft fixed more than a hundred vulnerabilities. Some of the vulnerabilities require special attention from corporate cybersecurity personal. Among them there are 17 critical ones, two of which are zero-days. At least one vulnerability has already been actively exploited in the wild, so it would be wise not to delay…

The security hole, tracked as CVE-2022-27924 and described as a Memcache injection issue, allows an unauthenticated attacker to steal cleartext credentials from a targeted Zimbra instance without any user interaction. An attacker can leverage the compromised credentials to access the victim’s emails, from where they could escalate their access within the targeted organization and obtain…

Go, or Golang, is an open source programming language designed for building reliable and efficient software at scale. Supported by Google, Go is leveraged by some of the world’s largest companies and it’s often used to develop cloud-native apps, including for Kubernetes. Oxeye researchers have conducted an analysis of Go-based cloud-native applications and discovered an…

According to fresh data from Redmond’s threat intelligence team, a ransomware-as-a-service gang it tracks as DEV-0206 has been caught rigging online ads to trick targets into installing a loader for additional malware previously attributed to EvilCorp. Even more ominously, Microsoft said its research teams discovered EvilCorp malware distribution tactics and observed behavior all over the…

Smart technology continues to change how people live and interact with the cities around them. While the full value of a connected city evolves – one that leverages innovations powered by artificial intelligence and machine learning – cybersecurity stands as one of its greatest challenges. The Smart City Conundrum While the promise of Smart Cities…

Six vulnerabilities in the MiCODUS MV720 GPS tracker that’s used by organizations around the world to manage and protect vehicle fleets could be exploited by attackers to remotely cut fuel to or abruptly stop vehicles. “Attackers could choose to surreptitiously track individuals or demand ransom payments to return disabled vehicles to working condition,” BitSight researchers…