Archive for the ‘Vulnerability’ Category

‘Smart’ solar power inverters raise risk of energy grid attacks

August 22nd, 2017

Researcher identifies a weakness in the software layer – and reminds us that we’re placing a lot of trust in vendors to implement decent security in formerly passive devices

Posted in solar power, Vulnerability | Comments (0)

Foxit backtracks after declining to fix zero-days exposed by ZDI

August 22nd, 2017

If you use Foxit’s PDF reader, make sure you update – and stick with Safe Reading mode until you do

Posted in Foxit Reader, malicious PDF, Vulnerability | Comments (0)

‘Pulse wave’ DDoS – another way of blasting sites offline

August 18th, 2017

If there’s one thing we’ve learned, it’s that any new way of DDoSing will reveal that there are a huge number of undefended devices online

Posted in DDoS, DDoS-for-hire, Security threats, Vulnerability | Comments (0)

Unpatchable Flaw in Modern Cars Allows Hackers to Disable Safety Features

August 17th, 2017

Today, many automobiles companies are offering vehicles that run on the mostly drive-by-wire system, which means a majority of car’s functions—from instrument cluster to steering, brakes, and accelerator—are electronically controlled.

No doubt these auto-control systems make your driving experience much better, but at the same time, they also increase the risk of getting hacked.

Car Hacking

Posted in car hacking, hacking news, Internet of things, Smart Car Hacking, Vulnerability | Comments (0)

Scanners to be patched after government warns of vulnerabilities

August 9th, 2017

Siemens says that there’s no evidence its scanners have been compromised – but the patches will be ready by the end of the month

Posted in healthcare, IoT, medical devices, Security threats, Siemens, Vulnerability | Comments (0)

Critical Flaws Found in Solar Panels Could Shut Down Power Grids

August 8th, 2017

A Dutch security researcher has uncovered a slew of security vulnerabilities in an essential component of solar panels which could be exploited to cause widespread outages in European power grids.

Willem Westerhof, a cybersecurity researcher at Dutch security firm ITsec, discovered 21 security vulnerabilities in the Internet-connected inverters – an essential component of solar panel that

Posted in Electric Power Grids, hacking news, power grid, solar cell, solar panel, Vulnerability | Comments (0)

Good guys and bad guys race against time over disclosing vulnerabilities

August 7th, 2017

What’s at stake when we don’t share vulnerability data?

Posted in disclosure, vulnerabilities, Vulnerability | Comments (0)

Adobe is Finally Killing FLASH — At the End of 2020!

July 26th, 2017

Finally, Adobe is Killing FLASH — the software that helped make the Internet a better place with slick graphics, animation, games and applications and bring online video to the masses, but it has been hated for years by people and developers over its buggy nature.

But the end of an era for Adobe Flash is near. Adobe announced Tuesday that the company would stop providing updates and stop

Posted in adobe, Adobe Animate CC, Adobe Flash, Adobe Flash Player, flash memory, Flash Player Update, flash vulnerability, Vulnerability | Comments (0)

Windows security hole – the “Orpheus’ Lyre” attack explained

July 19th, 2017

A long-standing bug in the network authentication protocol called Kerberos led to a security hole in Windows, Linux and more.

Posted in Exploit, Kerberos, samba, Vulnerability, Windows | Comments (0)

Remotely Exploitable Flaw Puts Millions of Internet-Connected Devices at Risk

July 18th, 2017

Security researchers have discovered a critical remotely exploitable vulnerability in an open-source software development library used by major manufacturers of the Internet-of-Thing devices that eventually left millions of devices vulnerable to hacking.

The vulnerability (CVE-2017-9765), discovered by researchers at the IoT-focused security firm Senrio, resides in the software development

Posted in buffer overflow vulnerability, gSOAP toolkit, hacking news, Internet of things, iot devices, remote code execution, smart device, software development, Vulnerability | Comments (0)