eSecurity Planet

JANUARY 16, 2024

January 11, 2024 Smart Thermostat from Bosch Puts Offices in Danger Type of vulnerability: Malicious commands sent from an attacker to the thermostat, including potentially replacing firmware with rogue code. According to Bitdefender, the thermostat does not validate the authenticity of a new firmware update.

Firewall 109

Firewall Firmware IoT Authentication 109

eSecurity Planet

MAY 20, 2024

Note that some DIR-600 devices are end of life, so D-Link won’t release any firmware updates for these. The problem: This new Chrome vulnerability is an out-of-bounds write in Chrome V8, Chrome’s JavaScript engine. May 17, 2024 New Chrome Vulnerability Requires Browser Upgrade Type of vulnerability: Out-of-bounds write.

VPN 62

VPN Firmware Malware Software 62

Security Boulevard

JUNE 23, 2022

AI-based attacks: Bot-based attacks are getting better at mimicking user activity, more easily breaching the low-security defenses of many IoT devices. Secure Firmware Updates Are a Necessity for Resilient IoT Deployments. Related Posts. Best Practices for Assuring the Software Supply Chain for IoT.

IoT 98

IoT Social Engineering Firmware Risk 98

eSecurity Planet

SEPTEMBER 11, 2023

The fix: ASUS released firmware updates to address the vulnerabilities. Sending phishing emails to engineers can be used as an exploitation technique to get them to import malicious configuration files ( CVE-2023-31171 ), which results in arbitrary code execution. 31 and updated Sept.

VPN 113

VPN Firmware Authentication Phishing 113

eSecurity Planet

MAY 27, 2024

Immediately update your QNAP devices to the most recent firmware to mitigate these issues. The vulnerabilities include a use-after-free flaw in Scheduling ( CVE-2024-5157 ) and a type confusion bug in the V8 engine ( CVE-2024-5158 ).They The fix: Google has published security fixes for Chrome versions 125.0.6422.76

Backups 67

Backups Authentication DDOS Engineering 67

eSecurity Planet

DECEMBER 10, 2023

Automate Patches and Updates Ensure strong network security by automating regular updates of firewall firmware and installing security patches as soon as they become available. Why It Matters Preventing social engineering attacks requires user awareness.

Firewall 120

Firewall Network Security Backups Education 120

eSecurity Planet

DECEMBER 7, 2023

Users can establish a symmetric key to share private messages through a secure channel, like a password manager. Unfortunately, while symmetric encryption is a faster method, it is also less secure because sharing the key exposes it to theft. This article was originally written by Sam Ingalls and published on May 26, 2022.

Encryption 109

Encryption Authentication Passwords Password Management 109