Narendra Shinde of Qualys Security has identified multiple vulnerabilities in Schneider Electric’s ETG3000 FactoryCast HMI Gateway. ICS-SCADA systems are critical components of for our society, they are often vital system inside critical infrastructure, but we still continue to discover naive vulnerabilities in the software they run. The latest surprising discovery was made by security experts […]
Ubuntu has released several patches for security vulnerabilities in different versions of the OS, including some CSRF, DoS and remote code execution flaws. Ubuntu has patched several security vulnerabilities that affect different OSs, some of them are affecting Thunderbird client included in Ubuntu release and could be exploited to remotely run arbitrary code. Thunderbird is a popular Mozilla […]
A security researcher demonstrated that “car hacking” is reality through the exploitation of vulnerable Can Insurance Dongle. Million vehicles at risk. Car hacking is a reality, we have discussed the topic several times and we have learned that modern vehicles have a complex internal networking infrastructure that could be subject to cyber attacks. The news […]
The VLC open-source media player is affected by two security vulnerabilities that can allow an attacker to run arbitrary code on vulnerable machines. Some versions of the popular VLC open-source media player are affected by two memory corruption vulnerabilities that could be exploited by an attacker to run arbitrary code on vulnerable machines. The couple of vulnerabilities was […]
Security expert discovered a critical flaw in Verizon’s FiOS mobile app that could be exploited to access the email account of any Verizon customer. A new critical vulnerability in exposing million accounts to cyber threats, this time the flaw affects the Verizon FiOS mobile app and could be exploited by attackers to access the email account […]
ICT experts from the US and India have now announced that they will work together to help improve India’s ICT. This announcement was made in Washington DC during the recent US-India ICT Work Group meeting. The collaboration between experts from the US and India in a bid to help India realize its ICT projects has […]
Google Project Zero team disclosed a new unpatched flaw affecting Windows 8.1 systems, the cyber security community is divided between those for and against. The Google Project Zero team has disclosed the details of two more unpatched Windows vulnerabilities due to its disclosure policy. Google has released the details of another Windows vulnerability that Microsoft failed to fix […]
ENISA published a study on the on the threat landscape and provides a list of good practices that aim at securing an Internet infrastructure assets. ENISA has published the annual analysis on the threat landscape, the document titled Threat Landscape and Good Practice Guide for Internet Infrastructure analyzes in details the current cyber threats and […]
Researchers at IBM Trusteer discovered a new toolkit dubbed KL-Remote that allows criminals to run Remote Overlay Attacks without specific skills. It is even more simple for cyber criminals to arrange scams and conduct illegal activities thanks the offer in the cyber criminal ecosystem, for example KL-Remote is a newborn toolkit that could be used to compromise online banking accounts by […]
GE MultiLink managed switches are affected by two vulnerabilities which could be exploited to gain unauthorized access and run DoS attacks on the device. Managed Ethernet switches produced by GE include the hard-coded private SSL key in a number of network devices. The Ethernet switches that present the security hole are designed for use in industrial […]