Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun, Some magic info on MagicINFO, Vulnerability Management Zombies, There is a backdoor in your e-commerce, Airborne: vulnerabilities in AirPlay, Bring your own installer - crafty EDR bypass, The Signal clone used by US government officials: s...
Attacks aimed at the end-of-life GeoVision IoT devices involved an exploit using the operating system command injection bugs, tracked as CVE-2024-6047 and CVE-2024-11120.
The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin...
Makers of IoT and embedded devices are about to face stringent regulations around firmware development, documentation and support. Here's why they'll need automation to keep up.
CyberScoop reports that the House Energy and Commerce Committee has approved legislation that would mandate a federal examination on the threat of adversarial nation-controlled routers, modems, and other networking devices on U.S. national security.
Attempted attacks against TVT Digital Technology's NVMS9000 DVRs which had its firmware last updated seven years ago have surged, with devices impacted by an information disclosure flaw reported in May targeted by more than 2,500 IPs suspected to be part of a Mirai-based botnet on Thursday, according to BleepingComputer.
SecurityWeek reports that 99% of 351 healthcare organizations had internet of medical things devices with actively exploited vulnerabilities, while 20% of hospital information systems are impacted by security issues leveraged in ransomware intrusions and remain online.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
