Cisco Security

FEBRUARY 24, 2022

As a result, organizations are further assessing security posture management processes, examining vendor risk management requirements, and testing security more frequently. If you’re a security and risk management leader, the new ESG eBook is a must-read, so download the Security Hygiene and Posture Management eBook right now.

Digital transformation 140

Digital transformation Risk Technology CISO 140

eSecurity Planet

JANUARY 16, 2024

xml through the download portal. The problem: The United States Cybersecurity and Infrastructure Security Agency (CISA) has announced a vulnerability in Microsoft SharePoint that allows a threat actor to escalate their privileges on the network. The fix: Bitdefender offers a smart home scanner app to locate vulnerable IoT devices.

Firewall 108

Firewall Firmware IoT Authentication 108

eSecurity Planet

OCTOBER 16, 2023

Additionally, isolating IoT devices and range extenders on a separate network from sensitive devices can help mitigate potential risks until a proper fix is provided by the vendor. The bug allows for a 1-click RCE attack by requiring a user to mistakenly download and open a specially crafted.CUE file.

DDOS 102

DDOS Software Cybersecurity IoT 102

eSecurity Planet

AUGUST 14, 2023

Here’s a roundup of the week’s major vulnerabilities that security teams should mitigate or patch. August 12 , 2023 Ford Auto’s TI Wi-Fi Vulnerability The Internet of Things (IoT) continues to expand and become a threat to connected businesses.

Software 97

Software Malware Internet Internet 97

eSecurity Planet

DECEMBER 7, 2023

Yet, Internet of Things (IoT) devices tend to be designed with the minimum computing resources required to accomplish the designed task of the device (security camera, printer, TV, etc.). While less computationally constrained than IoT, mobile devices constrain computations to avoid consuming power and draining battery life.

Encryption 112

Encryption Passwords IoT Firewall 112

eSecurity Planet

JULY 8, 2024

These vulnerabilities affected diverse areas, including network infrastructure, software libraries, IoT devices, and even CPUs. Traeger addressed unauthorized controls on IoT grills before July 4th. July 1, 2024 OpenSSH Releases Security Updates to Address RCE Type of vulnerability: Signal handler race condition in OpenSSH server.

Risk 62

Risk Authentication Firmware Surveillance 62

eSecurity Planet

JUNE 10, 2024

The problem: The Muhstik botnet exploited a severe RCE issue in Apache RocketMQ ( CVE-2023-33246 ) to attack Linux systems and IoT devices for DDoS and cryptomining. The attack starts with the execution of a shell script from a remote IP that downloads the Muhstik malware binary (“pty3”).

Malware 72

Malware Authentication Software Telecommunications 72