Newest Intel Side-Channel Attack Sniffs Out Sensitive Data
A new side-channel attack takes aim at Intel’s CPU ring interconnect in order to glean sensitive data.
Intel processors are vulnerable to a new side-channel attack, which researchers said can...
Massive Supply-Chain Cyberattack Breaches Several Airlines
The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers.
A communications and IT vendor for 90 percent of the world’s airlines, SITA,...
U.S. DoD Weapons Programs Lack ‘Key’ Cybersecurity Measures
The lack of cybersecurity requirements in weapons contracts from the Department of Defense opens the door for dangerous cyberattacks.
Weapons programs from the U.S. Department of Defense (DoD) are falling...
CISA Orders Federal Agencies to Patch Exchange Servers
Espionage attacks exploiting the just-patched remote code-execution security bugs in Microsoft Exchange servers are quickly spreading.
Hot on the heels of Microsoft’s announcement about active cyber-espionage campaigns that are exploiting...
Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers
Researchers with Microsoft and FireEye found three new malware families, which they said are used by the threat group behind the SolarWinds attack.
Researchers have uncovered more custom malware that...
Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow
Attackers have weaponized code dependency confusion to target internal apps at tech giants.
Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow (among others) inside...
Unpatched Bug in WiFi Mouse App Opens PCs to Attack
Wireless mouse-utility lacks proper authentication and opens Windows systems to attack.
The mobile application called WiFi Mouse, which allows users to control mouse movements on a PC or Mac with...
Jailbreak Tool Works on iPhones Up to iOS 14.3
The UnC0ver team took advantage of an iOS flaw patched in January in its latest tool allowing developers and other enthusiasts to hack into their own devices.
Hackers behind previous...
Firewall Vendor Patches Critical Auth Bypass Flaw
Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall, allowing attackers to log in as root users.
Germany-based cybersecurity company Genua has fast-tracked a fix for...
Technical Advisory: Administrative Passcode Recovery and Authenticated Remote Buffer Overflow Vulnerabilities in Gigaset DX600A...
Current Vendor: Gigaset
Vendor URL: https://www.gigaset.com/es_es/gigaset-dx600a-isdn/
Versions affected: V41.00-175.00.00-SATURN-175.00
Systems Affected: DX600A
Authors: Manuel Ginés - manuel.ginesnccgroupcom
Admin Service Weak Authentication
CVE Identifier: CVE-2021-25309
Risk: 8.8 (High) - AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AT Command Buffer Overflow
CVE Identifier: CVE-2021-25306
Risk: 4.5 (Medium)...