Tag: flaws

August 6, 2018

Two nasty security vulnerabilities make hundreds of HP Inkjet printers vulnerable to remote code execution. HP recommended applying firmware update patches “as soon as possible.” Almost immediately after announcing a “first of its kind” bug bounty program for printers, offering […]

July 19, 2018

Cisco informed customers on Wednesday that it has found and patched over a dozen critical and high severity vulnerabilities in its Policy Suite, SD-WAN, WebEx and Nexus products. The networking giant reported discovering four critical flaws in Policy Suite during […]

March 6, 2018

Google has released its March 2018 set of security updates for Android to address numerous Critical and High severity vulnerabilities in the popular mobile operating system. The majority of the Critical vulnerabilities addressed this month could allow an attacker to […]

February 5, 2018

Vulnerabilities that could allow unauthorized file deletion, unauthorized command execution and authentication bypass impacted WD (Western Digital) MyCloud devices, Trustwave reports. The vulnerabilities were discovered in the MyCloud personal storage device and were reported to Western Digital last year. The […]

December 21, 2017

VMware has released security updates to address four vulnerabilities in its ESXi, vCenter Server Appliance (vCSA), Workstation and Fusion products. The flaws were addressed with the release of six patches for ESXi, version 12.5.8 of Workstation, version 8.5.9 of Fusion, and […]

November 30, 2017

The patch released by Apple on Wednesday for a critical root access vulnerability affecting macOS High Sierra appears to break the operating system’s file sharing functionality in some cases. The company has provided an easy fix for affected users. The […]

September 7, 2017

A total of 81 security vulnerabilities have been addressed in this month’s set of security patches for the Android platform. 13 of the flaws were rated Critical severity. The security bulletin has two security patch levels, each focused on addressing […]

March 9, 2017

Western Digital My Cloud NAS devices have again been found wanting in the security department, as two set of researchers have revealed a number of serious flaws in the devices’ firmware. WD My Cloud is meant to be a private […]

March 3, 2017

The robot industry has become better at building eye-catching demonstration machines than securing them, consultancy IOActive has concluded after pen-testing some famous examples. After a process described as “not even a deep, extensive security audit”, Hacking Robots Before Skynet uncovered 50 vulnerabilities […]

February 2, 2017

Popular printer models manufactured by Dell, Brother, Konica, Samsung, HP, and Lexmark are affected by security vulnerabilities that could be exploited by hackers to steal passwords, steal information from the print jobs, and shut down the devices. The discovery was made by researchers […]

February 1, 2017

An impressive number of Netgear routers is affected by two flaws that can lead to password disclosure. It has been estimated that hundreds of thousand devices, potentially more than one million Netgear routers, could be hacked, by both a local or a remote attacker. […]

January 18, 2017

Unfortunately, often in the digital environment what makes things faster and easier is riddled with cyber security risks. This time, it is about the autofill feature. Finish specialist Viljami Kuosmanen illustrated how easy it is for third parties to get […]

December 13, 2016

Flaws affecting Moxa’s MiiNePort embedded serial device servers can be exploited remotely to gain control of vulnerable systems. The vendor has released firmware updates to address the security holes. ICS-CERT informed organizations last week that MiiNePort E1, E2 and E3 […]

December 6, 2016

If you’ve encountered errors over the past month when trying to access HTTPS-enabled websites on your computer or Android phone, it might have been due to a bug in Chrome. The bug affected the validation for some SSL certificates issued […]

October 19, 2016

Most businesses do not have comprehensive programmes to tackle firmware security risks, according to a report by global business technology and cyber security association Isaca. This is despite the fact that organisations are increasingly aware of the growing importance of […]

September 29, 2016

We’re all familiar with the cartoon image of a character stopping a water leak by plugging a finger into the hole, only for another leak to start, needing another finger, and so on, until the character is soaked by a […]

August 4, 2016

More than 1,500 vulnerabilities specific to industrial control systems (ICS) have been disclosed in the past 15 years and many of them did not have vendor patches when their existence was made public, according to a new report from FireEye. […]

July 27, 2016

Sylvania Osram Lightify vulnerabilities could allow an attacker to turn out the lights or ultimately infiltrate the corporate network. Researchers at Rapid7 have uncovered flaws in the Home and Pro versions of Sylvania Osram Lightify products that could allow attackers […]

July 22, 2016

Managed security risk assessment provider Digital Defense has identified several vulnerabilities in the Dell SonicWALL Global Management System (GMS), a platform that allows organizations to centrally manage their SonicWALL solutions. The vendor has released a hotfix to patch the issues. […]

July 22, 2016

Google has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox. That vulnerability is one of 48 bugs fixed in version 52 of Chrome released Wednesday. Four dozen of those flaws are […]