Flaws

10 Critical Flaws Found in CODESYS Industrial Automation Software

Jun 4, 2021 by iHash Leave a Comment

Cybersecurity researchers on Thursday disclosed as many as ten critical vulnerabilities impacting CODESYS automation software that could be exploited to remote code execution on programmable logic controllers (PLCs). "To exploit the vulnerabilities, an attacker does not need a username or password; having network access to the industrial controller is enough," researchers from … [Read more...] about 10 Critical Flaws Found in CODESYS Industrial Automation Software

6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS

May 7, 2021 by iHash Leave a Comment

As many as six zero-days have been uncovered in an application called Remote Mouse, allowing a remote attacker to achieve full code execution without any user interaction. The unpatched flaws, collectively named 'Mouse Trap,' were disclosed on Wednesday by security researcher Axel Persinger, who said, "It's clear that this application is very vulnerable and puts users at risk … [Read more...] about 6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS

Microsoft Finds ‘BadAlloc’ Flaws Affecting Wide-Range of IoT and OT Devices

Apr 30, 2021 by iHash Leave a Comment

Microsoft researchers on Thursday disclosed two dozen vulnerabilities affecting a wide range of Internet of Things (IoT) and Operational Technology (OT) devices used in industrial, medical, and enterprise networks that could be abused by adversaries to execute arbitrary code and even cause critical systems to crash. "These remote code execution (RCE) vulnerabilities cover more … [Read more...] about Microsoft Finds ‘BadAlloc’ Flaws Affecting Wide-Range of IoT and OT Devices

New QNAP NAS Flaws Exploited In Recent Ransomware Attacks

Apr 23, 2021 by iHash Leave a Comment

A new ransomware strain called "Qlocker" is targeting QNAP network attached storage (NAS) devices as part of an ongoing campaign and encrypting files in password-protected 7zip archives. First reports of the infections emerged on April 20, with the adversaries behind the operations demanding a bitcoin payment (0.01 bitcoins or about $500.57) to receive the decryption key. In … [Read more...] about New QNAP NAS Flaws Exploited In Recent Ransomware Attacks

Critical Flaws Affecting GE’s Universal Relay Pose Threat to Electric Utilities

Mar 23, 2021 by iHash Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of critical security shortcomings in GE's Universal Relay (UR) family of power management devices. "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition," the agency said in … [Read more...] about Critical Flaws Affecting GE’s Universal Relay Pose Threat to Electric Utilities

Microsoft Issues Security Patches for 89 Flaws — IE 0-Day Under Active Attacks

Mar 10, 2021 by iHash Leave a Comment

Microsoft plugged as many as 89 security flaws as part of its monthly Patch Tuesday updates released today, including fixes for an actively exploited zero-day in Internet Explorer that could permit an attacker to run arbitrary code on target machines. Of these flaws, 14 are listed as Critical, and 75 are listed as Important in severity, out of which two of the bugs are … [Read more...] about Microsoft Issues Security Patches for 89 Flaws — IE 0-Day Under Active Attacks

Critical Flaws Reported in Cisco VPN Routers for Businesses—Patch ASAP

Feb 5, 2021 by iHash Leave a Comment

Cisco has rolled out fixes for multiple critical vulnerabilities in the web-based management interface of Small Business routers that could potentially allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. The flaws — tracked from CVE-2021-1289 through CVE-2021-1295 (CVSS score 9.8) — impact RV160, RV160W, RV260, RV260P, and … [Read more...] about Critical Flaws Reported in Cisco VPN Routers for Businesses—Patch ASAP

A Set of Severe Flaws Affect Popular DNSMasq DNS Forwarder

Jan 19, 2021 by iHash Leave a Comment

Cybersecurity researchers have uncovered multiple vulnerabilities in Dnsmasq, a popular open-source software used for caching Domain Name System (DNS) responses, thereby potentially allowing an adversary to mount DNS cache poisoning attacks and remotely execute malicious code. The flaws, collectively called "DNSpooq" by Israeli research firm JSOF, echoes previously disclosed … [Read more...] about A Set of Severe Flaws Affect Popular DNSMasq DNS Forwarder

Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices

Dec 9, 2020 by iHash Leave a Comment

Cybersecurity researchers disclosed a dozen new flaws in multiple widely-used embedded TCP/IP stacks impacting millions of devices ranging from networking equipment and medical devices to industrial control systems that could be exploited by an attacker to take control of a vulnerable system. Collectively called "AMNESIA:33" by Forescout researchers, it is a set of 33 … [Read more...] about Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices

SAD DNS — New Flaws Re-Enable DNS Cache Poisoning Attacks

Nov 13, 2020 by iHash Leave a Comment

A group of academics from the University of California and Tsinghua University has uncovered a series of critical security flaws that could lead to a revival of DNS cache poisoning attacks. Dubbed "SAD DNS attack" (short for Side-channel AttackeD DNS), the technique makes it possible for a malicious actor to carry out an off-path attack, rerouting any traffic originally … [Read more...] about SAD DNS — New Flaws Re-Enable DNS Cache Poisoning Attacks

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54