CVE-2021-22333
There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.
A new vulnerability discovered in various Rockwell Automation programmable logic controllers (PLC) has received a 10 out of 10 risk score, the highest possible on the CVSS vulnerability scale. The new vulnerability is being tracked as CVE-2021-22681. Attackers can abuse this flaw in the Logix Designer 5000 software to gain the secret cryptographic key, which…
The health care system says it has suspended access to patient portals and other applications related to operations at Scripps facilities. Scripps Health is in the aftermath of a cyberattack that has disrupted patient portals and forced employees to use offline chart systems. Some patients’ appointments have been rescheduled. The health care system confirmed on…
Cybersecurity researchers disclosed details about 13 vulnerabilities in the Nagios network monitoring application that could be abused by an adversary to hijack the infrastructure without any operator intervention. “In a telco setting, where a telco is monitoring thousands of sites, if a customer site is fully compromised, an attacker can use the vulnerabilities to compromise…
Application Security , Cyberwarfare / Nation-State Attacks , Endpoint Security ‘Zero Click’ Exploits Suspected in NSO Group Pegasus Spyware Attacks, Amnesty Says Jeremy Kirk (jeremy_kirk) • July 19, 2021 A new exposé tracking how spyware has been used to target journalists, human rights advocates and dissidents suggests attackers have been exploiting zero-day flaws…
Endpoint Security , Governance & Risk Management , Internet of Things Security Low-Bandwidth Network Can Share Internet Connections Among Amazon Devices Doug Olenick (DougOlenick) • June 3, 2021 Devices such as Amazon’s Ring cameras will be part of the company’s Sidewalk low-bandwidth network. Internet of things security professionals are expressing concern over Amazon’s…
Iran”s Natanz nuclear site lost power on Sunday just hours after starting up advanced new facilities to speed up the enrichment of uranium. Announcing an “incident” on state TV, a spokesman for the country’s nuclear programme said no injuries or contamination had occurred. Power at Natanz had been cut across the facility, comprised of above-ground…