Skip to Content

e-Tugra vulnerabilities

Updated on 2022-12-01: e-Tugra vulnerabilities Security researcher Ian Carroll has disclosed a series of misconfigurations in the infrastructure of e-Tugra, a Turkey-based certificate authority. Carroll said the misconfigured infrastructure allowed them to get access to backend systems controlling the CA’s systems and even to massive troves of highly-sensitive customer data. Read more: Security concerns with …

Read More about e-Tugra vulnerabilities

CISA Adds Oracle Fusion Middleware Flaw to Known Exploited Vulnerabilities Catalog

The US Cybersecurity and Infrastructure Security Agency (CISA) has added an unspecified vulnerability in Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) catalog. The flaw affects Oracle Fusion Middleware Access Manager and “allows an unauthenticated attacker with network access via HTTP to take over the Access Manager product.” CISA has specified a mitigation due …

Read More about CISA Adds Oracle Fusion Middleware Flaw to Known Exploited Vulnerabilities Catalog

AMI BMC Firmware vulnerabilities

Updated on 2022-12-07: AMI BMC vulnerabilities Eclypsium researchers have discovered three vulnerabilities in the firmware of AMI MegaRAC baseboard management controllers. Eclypsium says the three vulnerabilities can be exploited via the Redfish and IPMI ports for remote code execution that can grant attackers access to the superuser account on the BMC firmware. Baseboard management controllers …

Read More about AMI BMC Firmware vulnerabilities

Cisco Identity Server Engine Vulnerabilities

Cisco has published an advisory alerting users to four vulnerabilities in its Identity Server Engine (ISE): a tcpdump feature command injection vulnerability; a tcpdump stored cross-site scripting vulnerability; an External RADIUS Server feature stored cross-site scripting vulnerability; and an access bypass vulnerability. Cisco plans to release updates to address the flaws; there are no workarounds. …

Read More about Cisco Identity Server Engine Vulnerabilities

Radio Free Asia data breached

Updated on 2022-11-22 U.S. government-sponsored news outlet Radio Free Asia suffered a data breach that leaked the SSNs, passport numbers, financial information, and other personal data of 4,000 people. Read more: Personal data of nearly 4,000 people leaked in hack of Radio Free Asia Overview: Radio Free Asia breach US news agency Radio Free Asia …

Read More about Radio Free Asia data breached

Amazon RDS exposure

Updated on 2022-11-18: Amazon RDS exposure A Mitiga report claims that there are hundreds of Amazon RDS servers exposed online each month. Amazon RDS, or the Amazon Relational Database Service, is a cloud service from Amazon that provides access to various hosted relational database engines like MySQL, PostgreSQL, MariaDB, Oracle, MSSQL, and others. Read more: …

Read More about Amazon RDS exposure

Electric Vehicle Charging Infrastructure Cybersecurity

Scientists from Sandia and other US National Laboratories “recently published a summary of known electric vehicle charger vulnerabilities in the scientific journal Energies.” The vulnerabilities range from payment card skimming to taking control of an EV charger network. The paper includes proposed fixes and changes to the EV charging infrastructure. Note Remember that even the …

Read More about Electric Vehicle Charging Infrastructure Cybersecurity

Google Updates Chrome for Desktop

Google has updated the Stable channel for Chrome for desktop to version 107.0.5304.110 for Mac and Linux and 107.0.5304.106/.107 for Windows. The updated versions of the browser address 10 vulnerabilities, including six high severity issues. Note Your Chrome and Chromium browsers are affected here. Odds are, by now, the user’s browsers have already downloaded the …

Read More about Google Updates Chrome for Desktop
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.