Critical Flaws in Global Security Cameras

Global Security Infrastructure Exposed Axis Communications, the global market leader for IP enabled security cameras, has confirmed there are seven major vulnerabilities in 400 of its security camera models. Axis’ cameras are frequently used as part of critical security infrastructure in places like the Sydney Airport, Moscow Metro and the City of Houston. Exploitation of…

June Patch Tuesday: Summer Storm

Microsoft Releases 50 Updates For June Patch Tuesday, Microsoft has released a massive 50-update rollup that affects every version of Windows still in support. Included are fixes for the Windows OS, Internet Explorer, Microsoft Edge, the ChakraCore JavaScript engine, Microsoft Office and Microsoft Office Services, and Web Apps. If you are using Windows 10, this…

Flash Alert: Zero-Day Update

Adobe Issues Patch for Flash Player Zero-Day Exploit Adobe has released a critical update for Flash. This zero-day vulnerability is, on a limited basis, being exploited in the wild. According to the Adobe Security Bulletin, “These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.” It seems the end of Flash is going…

100 Million IoT Devices Exposed

Z-Wave IoT Devices Exposed Z-Wave, a protocol primarily used for home automation, is vulnerable to security downgrade attacks. According to the Z-Wave Alliance, an organization dedicated to advancing Z-Wave, the protocol is currently used by 700 companies in over 2,400 IoT and smart products. It is estimated that over 100 Million IoT devices are affected. It…

Microsoft Zero-Day for JScript

Remote Code Execution Vulnerability Disclosed Researchers at Telspace Systems have advised they have found a Zero Day exploit, but no fix is yet available. The release date has been estimated to be in the July 2018 Patch Tuesday, however we will let you know when a fix is announced. The issue lies in Microsoft’s ECMAScript…

FBI Warns Again of New Hidden Cobra Strike

Hidden Cobra Strikes Again US-CERT and the FBI have issued a new alert on cyber-attacks it blames on North Korea.  The warning is about the hacking operations dubbed “HIDDEN COBRA” that the United States charges were launched by Pyongyang. The alert did not identify specific victims, though it cited a February 2016 report from several…

‘Roll Back’ To The Future

Beware: Windows 10 Feature Updates are Double Work! Windows 10 Feature Updates (Windows 10 Servicing) will dominate the agenda of many IT Managers as Microsoft uses their new release method to introduce new operating system experiences and security enhancements for their flagship operating system. These are scheduled for release every 6 months until the end…

FBI Warning: Reset Your Routers

FBI, DHS, and UK Authorities issue warning over VPNFilter The FBI, DHS and UK authorities have issued a warning for the VPNFilter malware threat. According to Alert TA18-145A, there are concerns that actors will use VPNFilter to target routers and “collect intelligence, exploit local area network (LAN) devices, and block actor-configurable network traffic.” Cisco researchers…

The Rapid Rise of the IoT

The IoT is Here to Stay: Risks Included Research from Metova has revealed the current scale of smart product adoption in the United States.  According to Metova, 90 percent of U.S users now own some form of smart device. This shows the IoT has truly reached mass adoption across the country. This also presents inherent…

Red Hat Vulnerabilities Exposed

Red Hat Linux DHCP Client Vulnerability Red Hat has been made aware of a couple of flaws in the way the Linux kernel handles exceptions triggered after the POP SS and MOV to SS instructions, these are identified as CVE-2018-8897 & CVE-2018-1087. These issues could lead to a denial of service (DoS) for unpatched systems.…