50% of companies MIT surveyed reported experiencing a cyberattack from an digital asset, and 20% more anticipate one coming soon. And with new vulnerabilities hitting every 12 hours, companies need to take action. Read their recommendations here.
New phone cable mimicking an Apple lightning cable is now on sale that can record anything users type and send the data to a hacker up to one mile away. O.MG cables were produced by a security researcher and sell for $140. Users are encouraged to be wary when borrowing an unknown charging cord.
Deep Dive on 2015 Juniper Networks Breach Shows How Government Struggles to Control its Vulnerabilities
Its been six years since the Juniper Networks Christmas supply chain hack that opened a backdoor that exposed highly sensitive US telecommunications and military agencies to spying. Although details remain scant as to how and why this all went down, Bloomberg news has recently uncovered why Juniper used the NSA algotithm in the first place and who may have been behind the attack.
Resarchers from Singapore-based Star Labs used angr, a binary analysis framework on Python to identify 20+ command injection vulnerabilities on multiple router firmware.
A flaw in software made by BlackBerry has left 200m cars, along with critical hospital and factory equipment, vulnerable. Affected products include QNX Neutrino RTOS for Medical Devices 1.0/1.1 & QNX OS for Automotive Safety 1.0.
Multiple router and modem manufacturers are under attack from DDOS botnet operators that are looking to take advantage of vulnerabilities found inside Arcadyan firmware.
CISA and the FBI are urging critical infrastructure operators to be highly aware and take greater precautions regarding cybersecurity after Colonial ransomeware attack showed the world how dangerous a security breach could be. Read the new cybersecurity directive.
Chained firmware vulnerabilities gave attackers access to perform remote code execution on Aruba Networks routers. According to security researchers, attackers conducted a series of malicious activities including remote code execution (RCE).
Itai Greenhut and Gal Zror from Aleph Security found a total of eight vulnerabilities in Aruba Instant, the software that allows administrators to configure the settings of Aruba routers.
End of life systems were targeted in this ransomware campaign reported by SonicWall as an urgent security alert this week. The vulnerability is fixed in recent versions of its firmware but impacts anyone using a legacy SRP appliance that is EOL.