Vulnerabilities

Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

Oct 29, 2024 by iHash Leave a Comment

Oct 29, 2024Ravie LakshmananAI Security / Vulnerability A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported … [Read more...] about Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Oct 8, 2024 by iHash Leave a Comment

Oct 08, 2024Ravie LakshmananZero-Day / Vulnerability Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software services provider … [Read more...] about Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%

Sep 25, 2024 by iHash Leave a Comment

Sep 25, 2024Ravie LakshmananSecure Coding / Mobile Security Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not … [Read more...] about Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%

Critical vulnerabilities in Telit Cinterion modems

May 15, 2024 by iHash Leave a Comment

Several serious vulnerabilities have been discovered in Telit Cinterion cellular M2M modems, including the possibility of remote arbitrary code execution (RCE) via SMS messages. These modems are used in millions of different devices and systems for both the consumer market segment (payment terminals, ATMs, cars) and various industries such as healthcare, financial, … [Read more...] about Critical vulnerabilities in Telit Cinterion modems

Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities

Dec 13, 2023 by iHash Leave a Comment

Dec 13, 2023NewsroomMobile Communication / Firmware security Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of … [Read more...] about Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities

3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches

Nov 25, 2023 by iHash Leave a Comment

Nov 25, 2023NewsroomData Security / Vulnerability The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows - Disclosure of sensitive credentials and configuration in containerized … [Read more...] about 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

Jun 24, 2023 by iHash Leave a Comment

Jun 24, 2023Ravie LakshmananThreat Intel / Zero Day The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439), two flaws in VMware … [Read more...] about U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

Case study: smart pet feeder vulnerabilities

Jun 20, 2023 by iHash Leave a Comment

All animal owners love their pets. And what do pets love above all else? TLC and food, of course. Or vice versa: food first, tummy-rub second. Today’s smart feeders are designed to make sure your pet won’t go hungry or get bored while you’re away. But what’s the score cybersecurity-wise? Not great… Smart feeder for furry friends Smart feeders are becoming a popular choice for … [Read more...] about Case study: smart pet feeder vulnerabilities

New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered

Jun 10, 2023 by iHash Leave a Comment

Jun 10, 2023Ravie LakshmananVulnerability / Cyber Threat Progress Software, the company behind the MOVEit Transfer application, has released patches to address brand new SQL injection vulnerabilities affecting the file transfer solution that could enable the theft of sensitive information. "Multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web … [Read more...] about New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered

Cisco and VMware Address Critical Vulnerabilities

Jun 8, 2023 by iHash Leave a Comment

Jun 08, 2023Ravie LakshmananNetwork Security / Vulnerability VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution. The most critical of the three vulnerabilities is a command injection vulnerability tracked as CVE-2023-20887 (CVSS score: 9.8) that could allow a … [Read more...] about Cisco and VMware Address Critical Vulnerabilities

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54