A series of vulnerabilities affecting industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to internal operational technology (OT) networks from the internet. The US Cybersecurity and Infrastructure Security Agency (CISA) last week published an advisory to inform organizations about five vulnerabilities identified by a researcher at industrial ..
Tag : Wireless Security
A hacktivist group has made bold claims regarding an attack on an industrial control system (ICS) device, but industry professionals have questioned their claims. The hacktivist group known as GhostSec, whose recent operations have focused on ‘punishing’ Russia for its invasion of Ukraine, claims to have conducted the first ever ransomware attack against a remote ..
Chipmakers Intel and AMD this week released patches for multiple security vulnerabilities in a wide range of product lines, including fixes for a series of high-risk issues in software drivers. AMD published three bulletins this week documenting at least 27 security problems in the AMD Graphics Driver for Windows 10. Exploitation of these flaws could ..
The NSA and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released the first in a series of guidance documents for securing 5G cloud infrastructure. The guidance comes from the Enduring Security Framework (ESF), a public-private partnership between the NSA, CISA, the Defense Department, the intelligence community, as well as IT, communications, and ..
Technology giants Intel Corp. and VMWare joined the Patch Tuesday parade this week, rolling out fixes for security defects that expose users to malicious hacker attacks. Intel released two advisories to fix privilege escalation and information disclosure vulnerabilities in the SGX software development kit and Hardware Accelerated Execution Manager (HAXM) software products. The more serious ..
A threat group is distributing the little-known Sarwent Trojan via a fake website that impersonates Amnesty International and claims to deliver protection against the Pegasus mobile malware. According to security researchers at Cisco Talos, the attack targets individuals who believe they might have been targeted by the NSO Group’s Pegasus spyware and might be associated with ..
Endpoint security platform Kolide on Thursday announced that it has raised $17 million in Series B funding, for a total of $27 million raised to date. The funding round was led by Boston-based venture capital OpenView Partners. Matrix Partners, who led Kolide’s Series A, also invested in the new round. Kolide sells a Security-as-a-Service (SaaS) ..
A critical vulnerability in the official Facebook for WordPress plugin could be abused to upload arbitrary files, essentially leading to remote code execution, according to a warning from security researchers at Wordfence. Formerly known as Official Facebook Pixel, the Facebook for WordPress plugin is used on more than 500,000 sites, allowing administrators to capture actions ..
A design flaw discovered in the architecture of 5G network slicing can allow malicious actors to access potentially sensitive data and launch denial-of-service (DoS) attacks, mobile network security company AdaptiveMobile Security warned this week. 5G network slicing enables operators to provide different amounts of resources to different types of traffic — based on their needs ..
Facebook’s threat intelligence team says it has disrupted a sophisticated Chinese spying team that routinely use iPhone and Android malware to hit journalists, dissidents and activists around the world. The hacking group, known to malware hunters as Evil Eye, has used Facebook to plant links to watering hole websites rigged with exploits for the two ..