Category: alerts
Cyber Security Monitor Alerts News Notifications. We monitor and send notifications on the latest Cyber Security alerts, blogs, news on data breaches and emerging cyber threats.
-
Black Hat: Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers Say
Researchers show how to circumvent Microsoft’s Windows Hello biometric authentication using a spoofed USB camera. Read more
-
Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms
A researcher was able to remotely control the lights, bed and ventilation in “smart” hotel rooms via Nasnos vulnerabilities. Read more
-
We COVID-Clicked on Garbage, Report Finds: Podcast
Were we work-from-home clicking zombies? Steganography attacks snagged three out of eight recipients. Nasty CAPTCHAs suckered 50 times more clicks during 2020. Read more
-
CISA Releases Security Advisory for Swisslog Healthcare
Original release date: August 3, 2021 CISA has released an Industrial Control Systems (ICS) advisory detailing multiple vulnerabilities in Swisslog Healthcare Translogic Pneumatic Tube Systems (PTS). An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the ICS Medical Advisory ICSMA-21-215-01 Swisslog Translogic… Read more
-
CISA and NSA Release Kubernetes Hardening Guidance
Original release date: August 2, 2021 | Last revised: August 3, 2021 The National Security Agency (NSA) and CISA have released Kubernetes Hardening Guidance, a cybersecurity technical report detailing the complexities of securely managing Kubernetes—an open-source, container-orchestration system used to automate deploying, scaling, and managing containerized applications. This report describes the security challenges associated with… Read more
-
‘DeadRinger’ Targeted Exchange Servers Long Before Discovery
Cyberespionage campaigns linked to China attacked telecoms via ProxyLogon bugs, stealing call records and maintaining persistence, as far back as 2017. Read more
-
‘PwnedPiper’: Devastating Bugs in >80% of Hospital Pneumatics
Podcast: Blood samples aren’t martinis. You can’t shake them. But bugs in pneumatic control systems could lead to that, RCE or ransomware. Read more
-
Vulnerability Summary for the Week of July 26, 2021
Original release date: August 2, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info naviwebs — navigatecms In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `products-order` through a post request, which results in arbitrary sql query execution in the backend… Read more
-
NSA Warns Public Networks are Hacker Hotbeds
Agency warns attackers targeting teleworkers to steal corporate data. Read more
-
CISA Announces Vulnerability Disclosure Policy (VDP) Platform
Original release date: July 30, 2021 CISA has announced the establishment of its Vulnerability Disclosure Policy (VDP) Platform for the federal civilian enterprise, which will allow the Federal Civilian Executive Branch to coordinate with the civilian security research community in a streamlined fashion. The VDP Platform provides a single, centrally managed website that agencies can… Read more