❌ Connected Home Hubs Open Houses to Full Remote Takeover ❌
📖 Read
via "Threatpost".
Users should update their firmware for three popular smart-home hubs.📖 Read
via "Threatpost".
Threat Post
Connected Home Hubs Open Houses to Full Remote Takeover
Users should update their firmware for three popular smart-home hubs.
❌ Apple Patches Two iOS Zero-Days Abused for Years ❌
📖 Read
via "Threatpost".
Researchers revealed two zero-day security vulnerabilities affecting Apple's stock Mail app on iOS devices.📖 Read
via "Threatpost".
Threat Post
Apple Patches Two iOS Zero-Days Abused for Years
Researchers revealed two zero-day security vulnerabilities affecting Apple's stock Mail app on iOS devices.
ATENTION‼ New - CVE-2017-18765
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18764
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6100 before 1.0.1.14, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.52, WN3000RPv3 before 1.0.2.50, WNDR3700v4 before 1.0.2.88, WNDR3700v5 before 1.1.0.48, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.58, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18763
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1000v4 before 1.1.0.42, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18762
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6100 before 1.0.0.57, R6100 before 1.0.1.16, R6900P before 1.2.0.22, R7000 before 1.0.9.10, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, WNDR3700v4 before 1.0.2.88, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.58.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18761
📖 Read
via "National Vulnerability Database".
NETGEAR R8000 devices before 1.0.4.2 are affected by a stack-based buffer overflow by an authenticated user.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18759
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18758
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18757
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.30, R6100 before 1.0.1.16, R7500 before 1.0.0.116, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.40, WNDR4300v2 before 1.0.0.48, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18756
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18755
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56, R7300 before 1.0.0.54, R8300 before 1.0.2.106, R8500 before 1.0.2.106, DGN2200v4 before 1.0.0.86, DGND2200Bv4 before 1.0.0.86, R6050 before 1.0.0.86, JR6150 before 1.0.1.10, R6220 before 1.1.0.50, and WNDR3700v5 before V1.1.0.48.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18754
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WNDR3700v4 before 1.0.2.88, WNDR4300v1 before 1.0.2.90, and WNR2000v5 before 1.0.0.58.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-18752
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.94.📖 Read
via "National Vulnerability Database".
🔏 FBI Details COVID-19 Phishing Attacks on Healthcare Industry 🔏
📖 Read
via "Subscriber Blog RSS Feed ".
The FBI, which has been urging vigilance around COVID-19 themed phishing attacks, this week gave indicators of compromise and hashes to aid admins in the fight.📖 Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
FBI Details COVID-19 Phishing Attacks on Healthcare Industry
The FBI, which has been urging vigilance around COVID-19 themed phishing attacks, this week gave indicators of compromise and hashes to aid admins in the fight.
🕴 Learning From the Honeypot: A Researcher and a Duplicitous Docker Image 🕴
📖 Read
via "Dark Reading: ".
When Larry Cashdollar set up a honeypot in a Docker image, he found behavior that was more enlightening than he had imagined.📖 Read
via "Dark Reading: ".
Dark Reading
Learning From the Honeypot: A Researcher and a Duplicitous Docker Image
When Larry Cashdollar set up a honeypot in a Docker image, he found behavior that was more enlightening than he had imagined.
🕴 11 Tips for Protecting Active Directory While Working from Home 🕴
📖 Read
via "Dark Reading: ".
To improve the security of your corporate's network, protect the remote use of AD credentials.📖 Read
via "Dark Reading: ".
Dark Reading
11 Tips for Protecting Active Directory While Working from Home
To improve the security of your corporate's network, protect the remote use of AD credentials.
🕴 NSA Issues Guidance for Combating Web Shell Malware 🕴
📖 Read
via "Dark Reading: ".
The US intelligence agency teamed up with Australian Signals Directorate in newly released information on how to protect Web servers from the malware.📖 Read
via "Dark Reading: ".
Dark Reading
NSA Issues Guidance for Combating Web Shell Malware
The US intelligence agency teamed up with Australian Signals Directorate in newly released information on how to protect Web servers from the malware.
🕴 Apple iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks 🕴
📖 Read
via "Dark Reading: ".
One of the flaws is remotely exploitable with no user interaction needed, ZecOps says.📖 Read
via "Dark Reading: ".
Darkreading
Apple iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks
One of the flaws is remotely exploitable with no user interaction needed, ZecOps says.
❌ Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug ❌
📖 Read
via "Threatpost".
The rapidly evolving Hoaxcalls botnet is exploiting an unpatched vulnerability in the ZyXEL Cloud CNM SecuManager in a bid to widen its spread.📖 Read
via "Threatpost".
Threat Post
Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug
The rapidly evolving Hoaxcalls botnet is exploiting an unpatched vulnerability in the ZyXEL Cloud CNM SecuManager in a bid to widen its spread.
🕴 IBM Cloud Data Shield Brings Confidential Computing to Public Cloud 🕴
📖 Read
via "Dark Reading: ".
The Cloud Data Shield relies on confidential computing, which protects data while it's in use by enterprise applications.📖 Read
via "Dark Reading: ".
Dark Reading
IBM Cloud Data Shield Brings Confidential Computing to Public Cloud
The Cloud Data Shield relies on confidential computing, which protects data while it's in use by enterprise applications.