Threat actors with configuration page access to VersaLink printers with proper Lightweight Directory Access Protocol settings could enable IP address alterations and clear-text LDAP service credential compromise, according to Rapid7 researchers.
You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, patche Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, s...
This week, we talked to our friends at Bitwarden about password vaults, storing more than just passwords, free software to manage those SSH keys, and vaults for developers. In the news, new/old Palo Alto vulnerabilities explained, taking down the power grid with a FlipperZero, more vulnerable bootloaders, putting garbage in your .ASS file, the US G...
Researchers at Akamai’s Security Intelligence and Response Team detected the malware leveraging a proof-of-concept exploit that was published in July 2024.
After inputting valid employee emails to infiltrate Starlink's admin panel hosted on a subarucs.com subdomain, threat actors could perform password resets, omit client-side overlay, and evade two-factor authentication to access the panel's features and determine different types of customer and vehicle information, including names, vehicle identification numbers, and location details.
Andy Jaquith joins us to discuss how to prioritize vulnerabilities and remmediation in the real-world, including asset management and more! In the security news: ESP32s in the wild and security, Google oAuth flaw, DDoS targets, Ban on auto components, Bambu firmware updates, Silk Road founder is free, one last cybersecurity executive order, US Trea...
Aside from the zero-day, threat actors behind AIRASHI also leveraged more than a dozen other security flaws impacting AVTECH IP cameras, Shenzhen TVT appliances, and other devices dating as far back as 2013, a report from QiAnXin XLab researchers showed.
Malaysia, Mexico, Thailand, Indonesia, and Vietnam accounted for most of the infections with the botnet, which exploited the CVE-2017-17215 and CVE-2024-7029 vulnerabilities for initial access and the eventual botnet malware retrieval for DDoS intrusions, an analysis from Qualys researchers revealed.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
