Sign-up

VARIoT news about IoT security

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! | Malwarebytes

Trust: 3.75

Fetched: Aug. 23, 2024, 9:18 a.m., Published: July 31, 2024, 1:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: software update
vendor: apple model: ipod touch
vendor: apple model: apple tv
vendor: apple model: watch
vendor: apple model: safari
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: ipad

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! | Malwarebytes

Trust: 3.75

Fetched: Aug. 23, 2024, 9:17 a.m., Published: July 31, 2024, 1:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: software update
vendor: apple model: ipod touch
vendor: apple model: apple tv
vendor: apple model: watch
vendor: apple model: safari
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: ipad

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! | Malwarebytes

Trust: 3.75

Fetched: Aug. 23, 2024, 9:16 a.m., Published: July 31, 2024, 1:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: software update
vendor: apple model: ipod touch
vendor: apple model: apple tv
vendor: apple model: watch
vendor: apple model: safari
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: ipad

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! | Malwarebytes

Trust: 3.75

Fetched: Aug. 23, 2024, 9:15 a.m., Published: July 31, 2024, 1:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: software update
vendor: apple model: ipod touch
vendor: apple model: apple tv
vendor: apple model: watch
vendor: apple model: safari
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: ipad

Vulnerability Fix to “5Ghoul” Affecting Teltonika 5G Devices | Teltonika

Trust: 3.25

Fetched: Aug. 23, 2024, 9:15 a.m., Published: May 23, 2050, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-33043, CVE-2023-33042, CVE-2023-33044

CVE-2024-33896 - Cosy+ Devices Code Injection Vulnerability

Trust: 5.0

Fetched: Aug. 21, 2024, 9:54 a.m., Published: Aug. 2, 2024, 6:16 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-33896

Leveraging Shodan for Effective Device Discovery and Vulnerability Assessment - Dady News Media

Related entries in the VARIoT vulnerabilities database: VAR-202007-1393

Trust: 5.25

Fetched: Aug. 21, 2024, 9:52 a.m., Published: Aug. 8, 2024, 3:30 p.m.
 Vulnerabilities: default credentials, default password
Affected productsExternal IDs
vendor: google model: home
vendor: orange model: web server
vendor: cisco model: series
vendor: cisco model: cisco routers
vendor: cisco model: routers
vendor: sun microsystems model: java
vendor: sun microsystems model: linux
vendor: schneider model: modbus
vendor: schneider model: premium
vendor: schneider electric model: modbus
vendor: schneider electric model: premium
db: NVD ids: CVE-2020-5902

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! - Security Aid

Trust: 3.5

Fetched: Aug. 21, 2024, 9:52 a.m., Published: July 31, 2024, 1:21 p.m.
 Vulnerabilities: code execution, information disclosure
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: ipad
vendor: apple model: ipod touch
vendor: apple model: ipad air
vendor: apple model: apple tv
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: watch
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: samsung model: samsung

From Cyber Security News - PKfail Vulnerability Allows Hackers to Install UEFI Malware on Over 200 Device Models - Threat Note

Trust: 3.25

Fetched: Aug. 21, 2024, 9:50 a.m., Published: July 26, 2024, 8:42 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

System BIOS komputerów Dell Vostro 3405 i Inspiron 3505 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Aug. 21, 2024, 9:47 a.m., Published: Aug. 21, 3405, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

CVE-2024-38063 - Security Update Guide - Microsoft - Windows TCP/IP Remote Code Execution Vulnerability

Trust: 3.0

Fetched: Aug. 21, 2024, 9:47 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-38063

CVE-2024-6242 - Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices - SecAlerts

Trust: 3.0

Fetched: Aug. 21, 2024, 9:45 a.m., Published: Aug. 7, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-6242

BlackHat USA 2024: NCC Group reveals vulnerabilities on Sonos devices

Trust: 3.0

Fetched: Aug. 21, 2024, 9:44 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sonos model: sonos

Co to jest cyberwymuszenie? - GeeksforGeeks

Trust: 3.5

Fetched: Aug. 21, 2024, 9:44 a.m., Published: May 19, 2024, 3:46 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: nokia model: impact
vendor: trend model: security
vendor: trend model: antivirus

Top 10 Ethical Hacking Projects to Sharpen Your Skills | Jahidul Islam

Trust: 3.5

Fetched: Aug. 21, 2024, 9:43 a.m., Published: July 27, 2024, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: wireshark model: wireshark
vendor: aircrack-ng model: aircrack-ng

What is vulnerability assessment in RMF? - Advanced Security

Trust: 3.0

Fetched: Aug. 21, 2024, 9:42 a.m., Published: Aug. 21, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

August 2024 Patch Tuesday Highlights: 89 CVEs, 6 Zero-Day Vulnerabilities Under Exploitation - SOCRadar® Cyber Intelligence Inc.

Trust: 5.5

Fetched: Aug. 21, 2024, 9:41 a.m., Published: Aug. 14, 2024, 2:47 p.m.
 Vulnerabilities: denial of service, feature bypass, cross-site scripting...
Affected productsExternal IDs
vendor: apple model: itunes
db: NVD ids: CVE-2023-36025, CVE-2024-38107, CVE-2023-40547, CVE-2024-41730, CVE-2024-38213, CVE-2024-38166, CVE-2024-38178, CVE-2024-38125, CVE-2024-38144, CVE-2024-38163, CVE-2024-38140, CVE-2024-38150, CVE-2024-38196, CVE-2024-38193, CVE-2024-38141, CVE-2022-3775, CVE-2024-38109, CVE-2024-38200, CVE-2024-38159, CVE-2024-38198, CVE-2024-38199, CVE-2024-38202, CVE-2024-38189, CVE-2024-21302, CVE-2024-38206, CVE-2024-38147, CVE-2024-38148, CVE-2024-38106, CVE-2024-38063, CVE-2024-38160, CVE-2024-38133, CVE-2024-21412

Novel Knowledge Graph-Based Modeling for Vulnerability Detection in the Internet of Medical Things | SpringerLink

Trust: 3.0

Fetched: Aug. 21, 2024, 9:39 a.m., Published: Aug. 21, 2024, midnight
 Vulnerabilities: -

The biggest cyber attacks and vulnerabilities from July 2024

Trust: 4.5

Fetched: Aug. 21, 2024, 9:32 a.m., Published: July 31, 2024, 8:14 a.m.
 Vulnerabilities: authentication bypass, input validation vulnerability, code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2024-6387, CVE-2024-4879, CVE-2008-4109, CVE-2024-5217, CVE-2024-37085, CVE-2006-5051

What is Data Security | Threats, Risks & Solutions | Imperva

Trust: 3.25

Fetched: Aug. 21, 2024, 9:29 a.m., Published: Aug. 15, 2024, 10:02 a.m.
 Vulnerabilities: system crash, sql injection
Affected productsExternal IDs
vendor: netapp model: cloud backup
vendor: google model: home