The Internet of Gas Station Tank Gauges: The author of Metasploit, HD Moore, revealed more than 5,800 publicly accessible Automated Tank Gauges (ATGs) at gas stations in a 2015 post. These systems are essential for measuring fluid levels, tank temperature,…
Latest posts - Page 37
Aircraft WiFi Devices Found to Have Vulnerabilities, Exposing Passengers’ Data
In wireless LAN equipment that is supposedly used to provide internet connectivity in flights, two serious aircraft wifi devices vulnerabilities were discovered. The Flexlan Forex3000 and Forex2000 series wi-fi LAN equipment made by Contec was affected by the weaknesses discovered…
Considerations for Strong Authentication in Digital, Cloud-First Businesses
Organizations must use authentication as a foundational security measure. If they want to know who and what is using their resources and assets. Strong Authentication in Digital, according to the Cybersecurity and Infrastructure Security Agency (CISA), is the process of…
Asian governments were targeted by hackers connected to ShadowPad.
A group of threat actors formerly linked to the ShadowPad remote obtains Trojan (RAT) have switched to a new toolkit. They use the new toolkit to conduct operations against various governments and state-owned companies across many Asian countries. The Threat…
WordPress Sites Affected by the WPGateway Plugin’s Zero-Day Vulnerability, over 280,000
WPGateway plugin, a premium WordPress plugin, has a zero-day vulnerability that is already being aggressively abused in the wild. This gives bad actors the capability to entirely take over vulnerable websites. According to WordPress security firm Wordfence, the vulnerability, identified…
A Xalan-J vulnerability could lead to arbitrary code execution
Different SAML implementations make use of open-source initiatives. Researchers caution that a flaw in the Apache project Xalan-J used by numerous SAML implementations leads to arbitrary code execution. A markup language called XSLT (Extensible Stylesheet Language Transformations) may convert XML…
Reverse tunnelling and URL shorteners are tools used by cybercriminals to run “nearly undetected” phishing attacks.
Threat actors can now avoid some of the most powerful phishing defences thanks to a new hacking approach. Criminal organizations are using a new technique for phishing attacks that might render threat actors undetectable, according to security researchers. The method…
Facebook programmers are unsure of the whereabouts of all user data.
According to Facebook, it takes a team of people to explain to you what information the firm has on you. Also where Facebook keeps it, just as it takes a village to raise a child. Two Facebook engineers were questioned…
The Log4j bug is being used by North Korean Lazarus hackers to attack US energy corporations.
Security researchers have connected the North Korean state-sponsored Lazarus hacking gang to a recent cyber espionage effort targeting energy suppliers in the United States, Canada, and Japan by using Log4j bug. The threat intelligence firm Cisco Talos reported on Thursday…
WeChat alerts users abroad that their personal information and browsing history are being transmitted to China.
WeChat, a Chinese social media site, informed that it stores data on China servers of users who are located outside of China. WeChat users located outside of China received notifications that their personal information, such as likes, comments, browsing and…