IoT

Ongoing attacks leveraging a pair of critical operating system command injection flaws impacting GeoVision Internet of Things devices, tracked as CVE-2024-6047 and CVE-2024-11120, have prompted their inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security flaws by May 28, according to Security Affairs.

Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun Some magic info on MagicINFO Vulnerability Management Zombies There is a backdoor in your e-commerce Airborne: vulnerabilities in AirPlay Bring your own installer - crafty EDR bypass The Signal clone used by US government officials: shock...

Attacks aimed at the end-of-life GeoVision IoT devices involved an exploit using the operating system command injection bugs, tracked as CVE-2024-6047 and CVE-2024-11120.

The proliferation of IoT devices using 5G network connections will force organizations to implement zero-trust practices, two experts said.

The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin...

Makers of IoT and embedded devices are about to face stringent regulations around firmware development, documentation and support. Here's why they'll need automation to keep up.

CyberScoop reports that the House Energy and Commerce Committee has approved legislation that would mandate a federal examination on the threat of adversarial nation-controlled routers, modems, and other networking devices on U.S. national security.

Attempted attacks against TVT Digital Technology's NVMS9000 DVRs which had its firmware last updated seven years ago have surged, with devices impacted by an information disclosure flaw reported in May targeted by more than 2,500 IPs suspected to be part of a Mirai-based botnet on Thursday, according to BleepingComputer.