Top

Category: Vulnerabilities


Vulnerabilities

Flaws Expose Siemens Protection Relays to DoS Attacks

July 13, 2018

Via: Security Week

Siemens has informed customers that some of the company’s SIPROTEC protection relays are exposed to denial-of-service (DoS) attacks due to a couple of vulnerabilities present in the EN100 communication module. SIPROTEC devices provide control, protection, measurement and automation functions for […]


Vulnerabilities

Cisco Patches High Risk Flaws in StarOS, IP Phone

July 13, 2018

Via: Security Week

Cisco this week released a set of security patches to address several vulnerabilities in its products, including High risk issues impacting StarOS and 6800, 7800, and 8800 Series IP Phones. The first High severity bug (CVE-2018-0369) impacts the reassembly logic […]


Threats & Malware, Vulnerabilities

The Aurora Power Grid Vulnerability and the BlackEnergy Trojan

July 12, 2018

Via: TrendMicro Blog

At recent Industrial IoT security briefings, the Aurora vulnerability has come up repeatedly. Attendees ask, “Is our country’s power grid safe? How can we protect the grid? What is Aurora?” This post provides a look at Aurora, and the BlackEnergy […]


Mobile security, Vulnerabilities

Google Fixes Critical Android Vulnerabilities

July 6, 2018

Via: Security Week

Google this week released its July 2018 set of Android patches to address tens of vulnerabilities in the mobile operating system, including several rated as Critical. The Internet giant addressed 11 vulnerabilities as part of the 2018-07-01 security patch level, […]


Network security, Threats & Malware, Virus & Malware, Vulnerabilities

9 SMB Security Trends

July 5, 2018

Via: Dark Reading

Two recent surveys offer insight into why small to medium-sized businesses (SMBs) are taking security more seriously. In one study, by Webroot, 600 IT decision makers pinpoint their top concerns (think: phishing and ransomware), as well as areas where they […]


Network security, Vulnerabilities

Flaws Expose Siemens Central Plant Clocks to Attacks

July 3, 2018

Via: Security Week

Siemens informed customers on Tuesday that some of its SICLOCK central plant clocks are affected by several vulnerabilities, including ones that have been rated “critical.” Siemens SICLOCK devices are used to synchronize time in industrial plants. The central plant clock […]


Vulnerabilities

Facebook App Exposed Data of 120 Million Users

July 2, 2018

Via: Security Week

A recently addressed privacy bug on Nametests.com resulted in the data of over 120 million users who took personality quizzes on Facebook to be publicly exposed. Patched as part of Facebook’s Data Abuse Bounty Program, the vulnerability resided in Nametests.com […]


Vulnerabilities

Unpatched WordPress file deletion vulnerability could allow site takeover and code execution

June 28, 2018

Via: Security Affairs

Seven months ago, security experts discovered a critical file deletion vulnerability that affects all WordPress versions, currently, the issue is still unpatched. The vulnerability could be exploited to complete takeover of the websites running the popular CMS and gain arbitrary […]


Vulnerabilities

New Drupal Exploit Mines Monero for Attackers

June 25, 2018

Via: Dark Reading

A new exploit of a known vulnerability gives an attacker control of the Drupal-hosting server. A newly discovered vulnerability in Drupal has been exploited to turn infected systems into Monero mining bots. Worse, the vulnerability could easily be exploited to […]


Vulnerabilities

Oracle Patches New Spectre, Meltdown Vulnerabilities

June 25, 2018

Via: Security Week

Oracle announced on Friday that it has started releasing software and microcode updates for products affected by the recently disclosed variants of the Spectre and Meltdown vulnerabilities. Intel, AMD, ARM, IBM, Microsoft and other major tech companies last month coordinated […]