Top

Category: Vulnerabilities


Vulnerabilities

Cisco Patches Code Execution in Webex Player

September 21, 2018

Via: Security Week

Cisco this week addressed vulnerabilities in the Webex Network Recording Player for Advanced Recording Format (ARF) that could allow a remote attacker to execute arbitrary code on a targeted system. The Webex Meetings Server is a multimedia conferencing solution that […]


Vulnerabilities

Rockwell Automation Patches Severe Flaws in Communications Software

September 21, 2018

Via: Security Week

Rockwell Automation has patched several critical and high severity vulnerabilities in its RSLinx Classic communications software. RSLinx Classic is a widely used piece of software that allows organizations to connect Logix5000 programmable automation controllers to various Rockwell applications, including for […]


Phishing, Vulnerabilities

Threats posed by using RATs in ICS

September 20, 2018

Via: Securelist

While conducting audits, penetration tests and incident investigations, we have often come across legitimate remote administration tools (RAT) for PCs installed on operational technology (OT) networks of industrial enterprises. In a number of incidents that we have investigated, threat actors […]


Mobile security, Vulnerabilities

CSS-Based Attack Causes iOS, macOS Devices to Crash

September 18, 2018

Via: Threat Post

The attack stems from a glitch in WebKit, an HTML layout browser engine in Apple’s Safari browser. A newly-revealed proof-of-concept attack can cause iOS devices to crash or restart with a mere 15 lines of code, a researcher disclosed over […]


Vulnerabilities

Zero-Day Bug Allows Hackers to Access CCTV Surveillance Cameras

September 18, 2018

Via: Threat Post

Firmware used in up to 800,000 CCTV cameras open to attack thanks to buffer overflow zero-day bug. Between 180,000 and 800,000 IP-based closed-circuit television cameras are vulnerable to a zero-day vulnerability that allows hackers to access surveillance cameras, spy on […]


Vulnerabilities

Facebook Offers Rewards for Access Token Exposure Flaws

September 18, 2018

Via: Security Week

Facebook announced on Monday that it has expanded its bug bounty program to introduce rewards for reports describing vulnerabilities that involve the exposure of user access tokens. Access tokens allow users to log into third-party applications and websites through Facebook. […]


Vulnerabilities

Privilege Escalation Vulnerability Found in Honeywell Android Computers

September 17, 2018

Via: Hot for Security

A total of 17 Honeywell handheld computers were recently found vulnerable to a privilege escalation bug that could enable attackers to fully compromise the device and its stored data. The remotely exploitable vulnerability (CVE-2018-14825) has been tagged as “Improper Privilege […]


Vulnerabilities

2 Billion Bluetooth Devices Remain Exposed to Airborne Attack Vulnerabilities

September 14, 2018

Via: Dark Reading

One year after Armis disclosed ‘BlueBorne,’ a large number of Android, Linux, and iOS devices remain unpatched. One year after security vendor Armis disclosed a set of nine exploitable vulnerabilities in Bluetooth, some 2 billion devices — including hundreds of […]


Network security, Vulnerabilities

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

September 14, 2018

Via: Security Affairs

A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. A team of experts from cybersecurity firm F-Secure has discovered security flaws affecting firmware in modern computers that could […]


Malware, Vulnerabilities

Osiris Banking Trojan Displays Modern Malware Innovation

September 13, 2018

Via: Threat Post

Osiris’ fundamental makeup positions it in the fore of malware trends, despite being based on old source code that’s been knocking around for years. After staying dormant for few years, the Kronos banking trojan resurfaced in July in a form […]