iPhones Vulnerable to Attack Even When Turned Off
Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.
Attackers can target iPhones even when they...
Sysrv-K Botnet Targets Windows, Linux
Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins.
Unpatched vulnerabilities in the Spring Framework and WordPress plugins are...
Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors
Microsoft’s May Patch Tuesday update is triggering authentication errors.
Microsoft is alerting customers that its May Patch Tuesday update is causing authentications errors and failures tied to Windows Active...
Technical Advisory – Tesla BLE Phone-as-a-Key Passive Entry Vulnerable to Relay Attacks
Vendor: Tesla, Inc.
Vendor URL: https://www.tesla.com
Versions affected: Attack tested with vehicle software v11.0 (2022.8.2 383989fadeea) and iOS app 4.6.1-891 (3784ebe63).
Systems Affected: Attack tested on Model 3. Model Y is likely...
Technical Advisory – Kwikset/Weiser BLE Proximity Authentication in Kevo Smart Locks Vulnerable to Relay...
Vendor: Kwikset/Weiser (Spectrum Brands)
Vendor URLs: https://www.kwikset.com/kevo/smart-lock, https://www.weiserlock.com/en/kevo/default
Versions Affected: All versions. Attack tested on Kevo Generation 2 hardware with firmware v1.9.49 and Android application version Kevo 2.9.1.21765p.
Systems Affected: Kevo smart...
You Can’t Eliminate Cyberattacks, So Focus on Reducing the Blast Radius
Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company’s attack surface and the “blast radius” of a potential attack.
Lately, I’ve started wondering if...
Actively Exploited Zero-Day Bug Patched by Microsoft
Microsoft’s May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.
Microsoft has revealed 73 new patches...
Intel Memory Bug Poses Risk for Hundreds of Products
Dell and HP were among the first to release patches and fixes for the bug.
Chipmaker Intel is reporting a memory bug impacting microprocessor firmware used in “hundreds” of products....
Hackers Actively Exploit F5 BIG-IP Bug
The bug has a severe rating of 9.8, public exploits are released.
Threat actors have started exploiting a critical bug in the application service provider F5’s BIG-IP modules after a...
FBI: Rise in Business Email-based Attacks is a $43B Headache
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem.
The FBI warned the global cost of business email compromise (BEC) attacks...
