Sign-up

VARIoT news about IoT security

Government issues urgent warning for Apple users: Critical vulnerabilities found in iPhones, Macs, and Safari | Tech News

Trust: 5.75

Fetched: Nov. 26, 2024, 9:35 a.m., Published: Nov. 25, 2024, 7:25 a.m.
 Vulnerabilities: denial of service, cross-site scripting
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: safari
db: NVD ids: CVE-2024-44309, CVE-2024-44308

Topic: “Connected to device. Can’t provide internet.” @ AskWoody

Trust: 3.25

Fetched: Nov. 26, 2024, 9:33 a.m., Published: Nov. 2, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: d-link model: router

D-Link won't patch its older VPN routers, leaving critical vulnerability unaddressed | TechSpot

Trust: 4.75

Fetched: Nov. 26, 2024, 9:32 a.m., Published: Nov. 11, 2024, midnight
 Vulnerabilities: buffer overflow, code execution, command injection
Affected productsExternal IDs
vendor: d-link model: router
vendor: d-link model: dsr-150n
vendor: d-link model: dsr-500n
vendor: d-link model: dsr-150
vendor: d-link model: dsr-250
vendor: d-link model: dsr-250n
vendor: d-link model: dsr-1000n

Malware exploits Avast driver vulnerability to terminate security processes

Trust: 3.75

Fetched: Nov. 26, 2024, 9:32 a.m., Published: Nov. 25, 2024, 11:04 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend micro model: antivirus
vendor: blackberry model: blackberry
vendor: symantec model: antivirus
vendor: trend model: security
vendor: trend model: antivirus
vendor: avast model: antivirus
db: NVD ids: CVE-2022-26522, CVE-2022-26523

Apple iPhone, iPad, And Mac Users at Risk: CERT-In Issues High Severity Security Warning - Tech

Trust: 5.5

Fetched: Nov. 26, 2024, 9:31 a.m., Published: Nov. 25, 2024, 7:13 a.m.
 Vulnerabilities: code execution, cross-site scripting
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
db: NVD ids: CVE-2024-44309, CVE-2024-44308

'High risk' for Apple iPhone, iPad, Mac users, government warns - Hindustan Times

Trust: 4.5

Fetched: Nov. 26, 2024, 9:30 a.m., Published: Nov. 25, 2024, 6:34 a.m.
 Vulnerabilities: code execution, denial of service, cross-site scripting
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad

CERT-In issues major warning for iPhone, iPad and Mac users: Here's how to keep your device safe

Trust: 4.75

Fetched: Nov. 26, 2024, 9:30 a.m., Published: Nov. 25, 2024, 6:21 a.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
db: NVD ids: CVE-2024-44309, CVE-2024-44308

Android 15 users beware, govt has issues a high risk warning and you should not ignore it - India Today

Trust: 4.0

Fetched: Nov. 26, 2024, 9:29 a.m., Published: Nov. 26, 2024, 6:08 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: android

CERT-In Issues Critical Security Alert for Apple Users: Update Your Devices Now

Trust: 4.75

Fetched: Nov. 26, 2024, 9:28 a.m., Published: Nov. 25, 2024, 1:51 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: safari
db: NVD ids: CVE-2024-44309, CVE-2024-44308

2000 Un-Patched Palo Alto Firewalls Exploited Via PAN-OS Vulnerabilities

Trust: 4.5

Fetched: Nov. 26, 2024, 9:27 a.m., Published: Nov. 25, 2024, 9 a.m.
 Vulnerabilities: authentication bypass, command execution, privilege escalation
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
db: NVD ids: CVE-2024-9474, CVE-2024-0012

Samsung Electronics Scales Up Mobile Security Rewards Programme To Boost Industry Collaboration and Commitment - Samsung Newsroom U.K.

Trust: 3.5

Fetched: Nov. 26, 2024, 9:27 a.m., Published: Nov. 25, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
vendor: samsung model: samsung

Solved: Re: CISCO Meraki MS 120 - Qualys Vulnerability Scan - The Meraki Community

Trust: 3.25

Fetched: Nov. 26, 2024, 9:26 a.m., Published: Jan. 5, 2024, 12:33 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: meraki ms

Mitigation strategies for edge devices | by SOCFortress | Oct, 2024 | Medium

Trust: 3.0

Fetched: Nov. 26, 2024, 9:25 a.m., Published: Oct. 26, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

7 Android & Pixel Vulnerabilities Exposed: Researcher Publishes PoC Exploits

Trust: 4.75

Fetched: Nov. 26, 2024, 9:24 a.m., Published: Nov. 26, 2024, 1:38 a.m.
 Vulnerabilities: security bypass
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2023-20963, CVE-2024-34719, CVE-2023-21383, CVE-2021-0600, CVE-2024-0017

Zyxel Firewalls Exploited in Recent Ransomware Attacks - VULNERA

Trust: 4.75

Fetched: Nov. 26, 2024, 9:24 a.m., Published: Nov. 25, 2024, 9:03 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-42057

Wiz observes CVE-2024-0012 and CVE-2024-9474 exploitation | Wiz Blog

Trust: 5.25

Fetched: Nov. 26, 2024, 9:23 a.m., Published: Nov. 22, 2024, 1:50 p.m.
 Vulnerabilities: code execution, command execution, privilege escalation...
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
db: NVD ids: CVE-2024-9474, CVE-2024-0012

Virat Kohli comments on recent Apple vulnerability

Trust: 4.75

Fetched: Nov. 26, 2024, 9:23 a.m., Published: Nov. 25, 2024, 5:50 p.m.
 Vulnerabilities: denial of service, cross-site scripting
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: software update
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
db: NVD ids: CVE-2024-44309, CVE-2024-44308

Second Critical Ivanti Cloud Services Appliance (CSA) Vulnerability Actively Exploited In Attacks

Trust: 3.75

Fetched: Nov. 26, 2024, 9:22 a.m., Published: Nov. 3, 2024, midnight
 Vulnerabilities: path traversal, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-8190, CVE-2024-8963

Hacking these IoT baby monitors is child's play, researchers reveal

Trust: 3.75

Fetched: Nov. 26, 2024, 9:22 a.m., Published: Dec. 2, 2024, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs

Access Denied

Trust: 3.25

Fetched: Nov. 26, 2024, 9:22 a.m., Published: May 19, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung