flaws
Over 25,000 SonicWall VPN Firewalls exposed to critical flaws
Over 25,000 publicly accessible SonicWall SSLVPN devices are vulnerable to critical severity flaws, with 20,000 using a SonicOS/OSX firmware version that the vendor no longer supports. These results come from an analysis conducted by cybersecurity firm Bishop Fox, which was motivated by a series of important vulnerabilities disclosed this year impacting SonicWall devices. Vulnerabilities affecting SonicWall SSL VPN devices were recently…
Japan warns of IO-Data zero-day router flaws exploited in attacks
Japan’s CERT is warning that hackers are exploiting zero-day vulnerabilities in I-O Data router devices to modify device settings, execute commands, or even turn off the firewall. The vendor has acknowledged the flaws in a security bulletin published on its website. However, the fixes are expected to land on December 18, 2024, so users will be exposed to risks until…
QNAP addresses critical flaws across NAS, router software
QNAP has released security bulletins over the weekend, which address multiple vulnerabilities, including three critical severity flaws that users should address as soon as possible. Starting with QNAP Notes Station 3, a note-taking and collaboration application used in the firm’s NAS systems, the following two vulnerabilities impact it: CVE-2024-38643 – Missing authentication for critical functions could allow remote attackers to…
HPE warns of critical RCE flaws in Aruba Networking access points
Hewlett Packard Enterprise (HPE) released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities in Aruba Networking Access Points. The two security issues could allow a remote attacker to perform unauthenticated command injection by sending specially crafted packets to Aruba’s Access Point management protocol (PAPI) over UDP port 8211. The critical flaws are tracked as CVE-2024-42509 and CVE-2024-47460, and have…
Germany drafts law to protect researchers who find security flaws
The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. When security research is conducted within the specified boundaries, those responsible will be excluded from criminal liability and the risk of prosecution. “Those who want to close IT security gaps deserve recognition—not a…
Apple Found One of Chrome’s ‘Critical’ Security Flaws
On Tuesday, Google released a new update for Chrome, upgrading it to version 130.0.6723.91/.92 for Windows and Mac, and 130.0.6723.91 for Linux. When you install the update and refresh your browser, you won’t be greeted with a new UI or a handful of new features or changes. Instead, you’ll be running a browser that patches two security vulnerabilities found in older…
Apple is offering rewards of up to $1 million to find critical flaws in its private AI cloud systems
Apple is offering a $1 million (£770,000) bounty for flaws that could be used by hackers to run code in Private Cloud Compute (PCC), the cloud system used to power advanced AI features that can’t run on device. Bug bounty programs are a popular way for technology companies to incentivise security researchers to seek out vulnerabilities in their code, offering…
Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland
The fourth day of Pwn2Own Ireland 2024 marked the end of the hacking competition with more than $1 million in prizes for over 70 unique zero-day vulnerabilities in fully patched devices. The hacking contest pits security researchers against various software and hardware products, in an attempt to earn the “Master of Pwn” title by compromising targets in eight categories ranging from mobile phones, messaging…
Jensen Huang just issued a big update on Nvidia’s Blackwell chip flaws
Nvidia CEO Jensen Huang has confirmed that a design flaw that was impacting the expected yields from its Blackwell AI GPUs has been addressed. Huang clarified that the issue was the result of Nvidia’s design, and not its fabricating partner TSMC, with mass production of the Blackwell B100 and B200 GPUs expected to resume later this month, according to Reuters.…
Severe flaws in E2EE cloud storage platforms used by millions
Several end-to-end encrypted (E2EE) cloud storage platforms are vulnerable to a set of security issues that could expose user data to malicious actors. Cryptographic analysis from ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong revealed issues with Sync, pCloud, Icedrive, Seafile, and Tresorit services, collectively used by more than 22 million people. The analysis was based on the threat…