Weekly news WORLD ВРАЗЛИВОСТІ

Flaws in Phoenix Contact Automationworx Allow Code Execution via Malicious Files

Several vulnerabilities affecting the Phoenix Contact Automationworx automation software suite can be exploited for remote code execution using specially crafted project files. Advisories describing the security holes were published recently by the DHS’s National Cybersecurity & Communications Integration Center (NCCIC) on the ICS-CERT website, by Germany’s VDE CERT, and Trend Micro’s Zero Day Initiative (ZDI), […]

Weekly news WORLD ВРАЗЛИВОСТІ

Google’s Titan Security Keys Vulnerable to Bluetooth Attacks

Google announced on Wednesday that it’s offering a free replacement for its Titan Security Key dongles following the discovery of a potentially serious vulnerability. The Titan Security Key is designed to help users protect themselves against phishing attacks and account takeover by using FIDO standards for two-factor authentication (2FA). The product uses cryptography to verify […]

Weekly news WORLD ВРАЗЛИВОСТІ

P2P Flaws Expose Millions of IoT Devices to Remote Attacks

Vulnerabilities discovered by a researcher in a peer-to-peer (P2P) system named iLnkP2P expose millions of cameras and other Internet of Things (IoT) devices to remote attacks from the Internet, and no patches are available. Paul Marrapese, a California-based security engineer, discovered two serious flaws in iLnkP2P, a system developed by Chinese firm Shenzhen Yunni Technology […]

VULNERABILITIES Weekly news Windows tips WORLD ВРАЗЛИВОСТІ

Microsoft Patches Windows Privilege Escalation Flaws Exploited in Attacks

Microsoft has fixed over 70 vulnerabilities with its April 2019 Patch Tuesday updates, including two Windows zero-day flaws that allow an attacker to escalate privileges on a compromised system. The actively exploited flaws, tracked as CVE-2019-0803 and CVE-2019-0859, appear similar — the security advisories published by Microsoft are nearly identical. They are both caused due […]

Research Weekly news WORLD ВРАЗЛИВОСТІ

Vulnerability Spotlight: Multiple Vulnerabilities in CUJO Smart Firewall, Das U-Boot, OCTEON SDK, Webroot BrightCloud

Threat Research Claudio Bozzato of Cisco Talos discovered these vulnerabilities. CUJO AI produces the CUJO Smart Firewall, a device that provides protection to home networks against a myriad of threats such as malware, phishing websites and hacking attempts. Cisco Talos recently discovered 11 vulnerabilities in the CUJO Smart Firewall. These vulnerabilities could allow an attacker […]