vulnerability
MikroTik routers with default credentials can be easily compromised
If you own a MikroTik router and you haven’t updated its RouterOS in the last month, you should do so now: Tenable Research has released details about four …
Cisco plugs critical flaws in DNA Center and Prime Infrastructure
A new batch of vulnerabilities in various Cisco products has been fixed, three of which are critical. Cisco DNA Center vulnerabilities Two vulnerabilities affect Cisco Digital …
Regularly updating your wireless router is not enough to ward off attacks
Wireless routers are the most often attacked and exploited type of IoT device. They are also one of the rare IoT devices that most of us can’t do without. We need them …
Popular TP-Link wireless home router open to remote hijacking
By concatenating a known improper authentication flaw with a newly discovered CSRF vulnerability, remote unauthenticated attackers can obtain full control over TP-Link …
Cisco Talos discloses serious vulnerabilities in Foxit PDF Reader
Cisco Talos researcher Aleksandar Nikolic has unearthed one of the critical vulnerabilities fixed in the latest Adobe Acrobat and Reader security updates. He is also the one …
Crowdfense launches Vulnerability Research Hub for top security researchers
Crowdfense officially launched the Vulnerability Research Hub out of beta. After being internally developed and fine-tuned for several months, Crowdfense opened their …
Scan reveals known open source vulnerabilities in popular Android apps
Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center …
Advantech WebAccess RCE flaw still exploitable, exploit code available
A vulnerability in Advantech WebAccess, a web browser-based software package for human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA) systems, …
Remotely exploitable flaw in Schneider Electric PLCs is a danger to OT networks
A vulnerability in the Schneider Electric Modicon M221, a programmable logic controller (PLC) deployed in commercial industrial facilities worldwide, can be exploited to …
Phillips plugs security flaws in e-Alert tool
Dutch tech company Phillips has fixed several serious security flaws in Philips e-Alert, a tool that helps magnetic resonance imaging (MRI) systems work as intended. About …
Wireshark can be crashed via malicious packet trace files
The Wireshark team has plugged three serious vulnerabilities that could allow an unauthenticated, remote attacker to crash vulnerable installations. According to Cisco …
Old “Misfortune Cookie” flaw opens medical gateway and devices to attack
A vulnerability in Qualcomm Life Capsule Datacaptor Terminal Server (DTS) can be easily exploited to allow attackers to execute unauthorized code to obtain administrator-level …