expose

  • Blog

    Vulnerable Moxa devices expose industrial networks to attacks

    Industrial networking and communications provider Moxa is warning of a high-severity and a critical vulnerability that impact various models of its cellular routers, secure routers, and network security appliances. The two seurity issues allow remote attackers to get root privileges on vulnerable devices and to execute arbitrary commands, which could lead to arbitrary code execution. Risks on Moxa routers Moxa devices…

    Read More »
  • Blog

    Guide Helps Australian Workers Expose Tech Wrongdoings

    The Human Rights Law Centre has released a new guide that empowers Australian tech employees to speak out against harmful company practices or products. The guide, Technology-Related Whistleblowing, provides a summary of legally protected avenues for raising concerns about the harmful impacts of technology, as well as practical considerations. SEE: ‘Right to Disconnect’ Laws Push Employers to Rethink Tech Use…

    Read More »
  • Blog

    Smart Appliances Could Expose Your WiFi to Hacking Risks

    Earlier this year, Consumer Reports researched how long appliance companies like GE, LG, and Samsung tell their customers they’ll keep their appliances’ software updated. This is important because security experts are constantly finding and fixing vulnerabilities in software—along with supplying new features—that’s why your phone and laptop get regular updates for years after you buy them. The CR researchers looked…

    Read More »
  • Blog

    Misconfigurations in Microsoft Power Pages could expose millions of sensitive records

    A data exposure issue stemming from misconfigured access controls in Microsoft Power Pages has left several millions of records exposed to unauthorized users, new research reveals. Aaron Costello, chief of SaaS security and research at AppOmni, detailed how Microsoft’s website building platform could be granting anonymous users permissions to access sensitive PII. In September 2024, Costello said he uncovered “significant…

    Read More »
  • Blog

    Hackers could dupe Slack’s AI features to expose private channel messages

    Slack’s LLM-powered AI tool can be tricked into leaking sensitive data from private channels in a new prompt-engineering attack, according to security researchers. A report from LLM security specialists PromptArmor details a potential pathway for cyber criminals to use indirect prompt injection techniques to manipulate Slack AI to disclose data from channels they are not a part of. Slack AI…

    Read More »
Back to top button
close