Sign-up

VARIoT news about IoT security

Apple's new Stolen Device Protection has a big vulnerability. Here's how to fix it - News Headlines

Trust: 3.25

Fetched: Feb. 4, 2024, 10:13 a.m., Published: Jan. 30, 2024, 4 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Federal Agency Issues Security Warning for Apple Devices, Gives Three Weeks to Comply | The Epoch Times

Trust: 4.75

Fetched: Feb. 4, 2024, 10:05 a.m., Published: Aug. 28, 2016, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: tvos
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: macos
db: NVD ids: CVE-2022-48618, CVE-2024-23222

Oracle Linux 9 : grub2 (ELSA-2024-0468) - vulnerability database | Vulners.com

Trust: 3.75

Fetched: Feb. 4, 2024, 10:04 a.m., Published: Jan. 30, 2024, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2023-4001

Update your Apple devices, because the latest releases patched a major security flaw - iOS Discussions on AppleInsider Forums

Trust: 5.0

Fetched: Feb. 4, 2024, 10:03 a.m., Published: Jan. 24, 2024, 11:43 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: apple tv
vendor: apple model: webkit
vendor: apple model: tvos
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: watch
vendor: apple model: ipad
db: NVD ids: CVE-2024-23222

From Security Week - Kyocera Device Manager Vulnerability Exposes Enterprise Credentials - Threat Note

Trust: 3.25

Fetched: Feb. 4, 2024, 9:56 a.m., Published: Jan. 10, 2024, 7:50 a.m.
 Vulnerabilities: input validation flaw
Affected productsExternal IDs

16 Types of Cyberattacks and How to Prevent Them

Trust: 4.25

Fetched: Feb. 4, 2024, 9:55 a.m., Published: Feb. 16, 2024, midnight
 Vulnerabilities: cross-site scripting, sql injection, injection attack
Affected productsExternal IDs
vendor: essential model: phone
vendor: check point model: check point

CISA Adds Six Known Exploited Vulnerabilities to Catalog | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202210-1176

Trust: 4.75

Fetched: Feb. 4, 2024, 9:55 a.m., Published: Feb. 4, 2023, midnight
 Vulnerabilities: improper access control, code execution, access control vulnerability...
Affected productsExternal IDs
vendor: d-link model: dsl-2750b
db: NVD ids: CVE-2023-27524, CVE-2023-23752, CVE-2023-29300, CVE-2023-41990, CVE-2023-38203, CVE-2016-20017

Top 10 Emerging Cybersecurity Threat in 2024 (and Solutions)

Trust: 3.5

Fetched: Feb. 4, 2024, 9:54 a.m., Published: Jan. 29, 2024, 5:49 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: essential model: phone

Apple iPhone and MacBook users are at a high risk of being hacked, Indian govt warns - India Today

Trust: 3.0

Fetched: Feb. 4, 2024, 9:53 a.m., Published: Feb. 1, 2024, 6:24 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: tvos
vendor: apple model: macbook
vendor: apple model: icloud
vendor: apple model: ipad
vendor: apple model: ipod touch
vendor: apple model: apple tv
vendor: apple model: watch
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: macos

US government tells federal agencies they have 48 hours to repair Ivanti VPN tech following breaches | TechRadar

Trust: 5.0

Fetched: Feb. 4, 2024, 9:47 a.m., Published: Feb. 2, 2024, 1:04 p.m.
 Vulnerabilities: authentication bypass, code injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-21887, CVE-2023-46805

Risk Dashboard - Arctic Wolf Docs

Trust: 3.0

Fetched: Feb. 4, 2024, 9:46 a.m., Published: Jan. 25, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

SonicWall firewall vulnerability impacts 178,000 devices

Trust: 4.5

Fetched: Feb. 4, 2024, 9:46 a.m., Published: Jan. 16, 2024, 7:45 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: sonicwall model: remote access
db: NVD ids: CVE-2022-22274, CVE-2023-0656

Apple and Google Just Patched Their First Zero-Day Flaws of the Year | WIRED

Trust: 5.5

Fetched: Feb. 4, 2024, 9:44 a.m., Published: Jan. 31, 2024, noon
 Vulnerabilities: code execution, memory corruption, feature bypass...
Affected productsExternal IDs
vendor: google model: chrome
vendor: cisco model: unified communications
db: NVD ids: CVE-2024-0808, CVE-2024-0743, CVE-2024-0755, CVE-2024-0807, CVE-2024-20677, CVE-2024-0741, CVE-2024-20253, CVE-2023-49583, CVE-2023-50422, CVE-2024-0812, CVE-2024-21737, CVE-2024-20674

ICS Advisory: Gessler GmbH WEB-MASTER - globalregulatoryinsights

Trust: 3.0

Fetched: Feb. 4, 2024, 9:44 a.m., Published: Feb. 1, 2024, 4:20 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-1040, CVE-2024-1039

Relution Remote Code Execution via Java Deserialization Vulnerability - Security Boulevard

Trust: 4.75

Fetched: Feb. 4, 2024, 9:41 a.m., Published: Feb. 1, 2024, 3:09 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-48178

Tesla Hacks Show Importance of Protecting Connected Devices

Trust: 5.5

Fetched: Feb. 4, 2024, 9:40 a.m., Published: Feb. 2, 2024, 2:42 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
vendor: trend model: security
vendor: trend model: antivirus
vendor: trend micro model: security
vendor: trend micro model: antivirus
db: NVD ids: CVE-2023-49722

Future Internet | Free Full-Text | A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices

Trust: 3.0

Fetched: Feb. 4, 2024, 9:32 a.m., Published: Feb. 4, 2020, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw | ZDNET

Related entries in the VARIoT vulnerabilities database: VAR-202004-1957

Trust: 3.5

Fetched: Feb. 4, 2024, 9:32 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel xl
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2020-9770

Guide to the 25 Best Vulnerability Scanning Tools in 2024 - The CTO Club

Trust: 3.5

Fetched: Feb. 4, 2024, 9:30 a.m., Published: Jan. 4, 2024, 5:23 a.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: wireshark model: wireshark

Microsoft Defender Vulnerability Management - Common Microsoft 365 Security Mistakes Series - Ru Campbell MVP

Trust: 3.0

Fetched: Feb. 4, 2024, 9:29 a.m., Published: Feb. 3, 2024, 10:57 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-24055