In the ongoing saga of IoT security (The score is bad guys: a whole bunch, good guys: not very many), the bad guys continue to win. Researchers analyzed Samsung’s house management hub called SmartThings and found 20 problems. The researchers, part of Cisco, said that the attacks are complex and require the attackers to chain […]
Continue reading → [DISPLAY_ACURAX_ICONS]While I have written about this in general before, this item is specific to the Land Rover and its “Discovery” model. If this is a surprise to you, it should not be. If you buy a used Land Rover, it is possible (likely) that the previous owner can still control your car through the Land […]
Continue reading → [DISPLAY_ACURAX_ICONS]Zip Slip Vulnerability Affects Thousands of Projects Researchers discovered a flaw in almost all zip-style file decompressors – RAR, TAR, 7ZIP-APK and others. The problem is caused by a very old attack vector called directory traversal that these libraries do not handle correctly. The decompressor libraries were likely downloaded from places like Github and Stack […]
Continue reading → [DISPLAY_ACURAX_ICONS]Enterprise Resource Planning (ERP) systems are quickly becoming a popular target of hackers. It used to be that these systems were on private networks behind firewalls, but as companies move to the cloud and include their vendors and subcontractors in their ERP systems, the systems are becoming more public. More public means easier to hack. […]
Continue reading → [DISPLAY_ACURAX_ICONS]O P I N I O N Christopher Krebs, The Undersecretary for the National Protection and Programs Directorate (NPPD) of DHS said individuals voting rights were safe despite persistent attacks on the voting infrastructure. He said, that by law, if you show up to vote and there is a problem with your registration, you have […]
Continue reading → [DISPLAY_ACURAX_ICONS]As I wrote last week, LabCorp, the mega medical lab testing company (mega as in revenue around $10 billion last year) was breached and they have provided some interesting insights as they have been forced to detail to the SEC some of what happened last week when they had to shut down large parts of […]
Continue reading → [DISPLAY_ACURAX_ICONS]