-
New Mirai botnet targets industrial routers with zero-day exploits
New Mirai botnet targets industrial routers with zero-day exploits A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. Exploitation of previous … Read more Published Date: Jan 07, 2025 (13 hours, 6 minutes ago) Vulnerabilities has been mentioned in this…
-
CISA KEV UPDATE Part I – January 2025
CISA KEV UPDATE Part I – January 2025 The US CISA has added 3 vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog based on the evidence of active exploitation.CVE-2024-41713: Mitel MiCollab Path Traversal VulnerabilityDe … Read more Published Date: Jan 08, 2025 (8 hours, 43 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-51741 CVE-2024-46981 CVE-2024-10957…
-
BIOS flaws expose iSeq DNA sequencers to bootkit attacks
BIOS flaws expose iSeq DNA sequencers to bootkit attacks BIOS/UEFI vulnerabilities in the iSeq 100 DNA sequencer from U.S. biotechnology company Illumina could let attackers disable devices used for detecting illnesses and developing vaccines. The Illumina … Read more Published Date: Jan 07, 2025 (14 hours, 47 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2023-1968…
-
CISA warns of critical Oracle, Mitel flaws exploited in attacks
CISA warns of critical Oracle, Mitel flaws exploited in attacks CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. The cybersec … Read more Published Date: Jan 07, 2025 (15 hours, 4 minutes ago) Vulnerabilities has been mentioned in…
-
Google’s Willow Quantum Chip and Its Potential Threat to Current Encryption Standards
Introduction: Google’s recent announcement of their Willow quantum processor marks a significant advancement in quantum computing technology while raising questions about the security and sustainability of current encryption methods. As quantum computers grow more powerful, cybersecurity experts grow increasingly concerned about their potential to break widely used encryption standards that protect sensitive data worldwide. Quantum…
-
US Treasury Department Sanctions Chinese Company Over Cyberattacks
From the Washington Post: The sanctions target Beijing Integrity Technology Group, which U.S. officials say employed workers responsible for the Flax Typhoon attacks which compromised devices including routers and internet-enabled cameras to infiltrate government and industrial targets in the United States, Taiwan, Europe and elsewhere. From the Washington Post: The sanctions target Beijing Integrity Technology…
-
CVE-2025-0301 – Online Book Shop Cross Site Scripting (XSS)
CVE ID : CVE-2025-0301 Published : Jan. 7, 2025, 6:15 p.m. | 1 hour, 30 minutes ago Description : A vulnerability, which was classified as problematic, has been found in code-projects Online Book Shop 1.0. Affected by this issue is some unknown functionality of the file /subcat.php. The manipulation of the argument catnm leads to cross site…
-
CVE-2024-40427 – PX4-Autopilot Stack Buffer Overflow
CVE ID : CVE-2024-40427 Published : Jan. 7, 2025, 7:15 p.m. | 30 minutes ago Description : Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected…
-
CVE-2024-55413 – SUNIX Parallel Driver x64 uninitialized IOCTL Request Vulnerability (Privilege Escalation, Code Execution, Information Disclosure)
CVE ID : CVE-2024-55413 Published : Jan. 7, 2025, 6:15 p.m. | 1 hour, 30 minutes ago Description : A vulnerability exits in driver snxppamd.sys in SUNIX Parallel Driver x64 – 10.1.0.0, which allows low-privileged users to read and write arbitary i/o port via specially crafted IOCTL requests . This can be exploited for privilege escalation, code…
-
CVE-2024-55414 – Motorola SM56 Modem WDM Driver Privilege Escalationlsa
CVE ID : CVE-2024-55414 Published : Jan. 7, 2025, 6:15 p.m. | 1 hour, 30 minutes ago Description : A vulnerability exits in driver SmSerl64.sys in Motorola SM56 Modem WDM Driver v6.12.23.0, which allows low-privileged users to mapping physical memory via specially crafted IOCTL requests . This can be exploited for privilege escalation, code execution under high…