eSecurity Planet

JANUARY 16, 2024

The problem: Ivanti announced two vulnerabilities that affect Ivanti Connect Secure VPN and Ivanti Policy Secure products. Potential results of the exploits include authentication bypass and command injection. According to Bitdefender, the thermostat does not validate the authenticity of a new firmware update.

Firewall 107

Firewall Firmware IoT Authentication 107

eSecurity Planet

JANUARY 22, 2024

The problem: The Unified Extensible Firmware Interface (UEFI) specification has an open-source network implementation, EDK II, with nine discovered vulnerabilities. The vulnerability also exists on GitHub Enterprise Server, but it can only be exploited by an authenticated user with an organization owner role. EPMM versions 11.10, 11.9

Authentication 112

Authentication Malware VPN Mobile 112

eSecurity Planet

NOVEMBER 6, 2023

The Problem: Three flaws discovered by the Kubernetes security community carry CVSS severity scores of 7.6 Non-privileged threat actors can exploit these drivers to gain complete device control, execute arbitrary code, modify firmware, and escalate operating system privileges, posing a significant security risk.

Software 104

Software Education Firmware Ransomware 104

eSecurity Planet

FEBRUARY 21, 2024

Check the Firewall Hardware & Operating System After you’ve prepared all the documentation and know everyone’s roles, one of the early steps in a firewall audit process is a hardware and firmware check. Look at the hardware to see whether it fits your company’s standards and security requirements.

Firewall 112

Firewall Firmware Software Risk 112

eSecurity Planet

SEPTEMBER 11, 2023

Alarmingly, this API lacks any form of authentication, allowing virtually anyone, even a malicious website you might visit, to send commands to the CLI. They can be remotely exploited without authentication, potentially enabling remote code execution, service disruptions, and arbitrary operations on the routers. via port 8076.

VPN 113

VPN Firmware Authentication Phishing 113

eSecurity Planet

OCTOBER 24, 2023

Strengthen Router Security: Enhance your router’s security by changing default login credentials. Regularly update router firmware to patch vulnerabilities and close potential avenues of attack. Android users should disable installations from unknown sources, ensuring app authenticity.

Malware 120

Malware Antivirus Software Passwords 120

eSecurity Planet

DECEMBER 7, 2023

The three innovators and MIT patented the RSA algorithm, a proprietary system available through RSA Security until its public release in 2000. The RSA algorithm remains the most popular public key cryptographic system today and introduced the concept of digital signatures for authentication outside of academia.

Encryption 109

Encryption Authentication Passwords Password Management 109