Remove Authentication Remove Book Remove Firmware
article thumbnail

Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

Security Affairs

Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. ” Organizations using Xerox VersaLink C7025 Multifunction printers should update to the latest firmware. . and earlier. ” reads the report published by Rapid7.

article thumbnail

KindleDrip exploit – Hacking a Kindle device with a simple email

Security Affairs

The researchers noticed that the “Send to Kindle” feature allows Kindle users to send e-books to their devices as email attachments, a behavior that could be potentially exploited for malicious purposes, for example sending a malicious e-book to potential victims. To my pleasant surprise, the e-book appeared on the device!

Hacking 144
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

Security researchers from WizCase have discovered several vulnerabilities in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS. Meaning, authentication bypasses weren’t enough. WD My Book, NetGear Stora. CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. .

article thumbnail

InterContinental Hotels' booking systems disrupted by cyberattack

Malwarebytes

The activity significantly disrupted IHG's booking channels and other applications. Booking system. The unavailability of the online booking system must be a major pain for IHG. directly to make, amend or cancel a booking. Use anti-malware software , and keep all operating systems, software, and firmware up to date.

article thumbnail

10 Behaviors That Will Reduce Your Risk Online

Daniel Miessler

Keep your firmware and software updated. Enable two-factor authentication on all critical accounts. For your most important accounts—such as those controlling your email account, your bank, and your mobile phone account—you should enable two-factor authentication. Everything. Setting up Google 2FA.

Risk 345
article thumbnail

FujiFilm printer credentials encryption issue fixed

Pen Test Partners

With the default configuration of these printers, it’s possible to retrieve these credentials in an encrypted format without authenticating to the printer. and Xerox Corporation provide a facility to export the contents of their Address Book encrypted, but the encryption strength is insufficient. Medium) CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

article thumbnail

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

London hospitals canceled over 800 operations in the week after Synnovis ransomware attack DORA Compliance Strategy for Business Leaders City of Cleveland still working to fully restore systems impacted by a cyber attack Two Ukrainians accused of spreading Russian propaganda and hack soldiers’ phones Google fixed an actively exploited zero-day (..)