HackDig : Dig high-quality web security articles

Microsoft contributes S2C2F to OpenSSF to improve supply chain security

On August 4, 2022, Microsoft publicly shared a framework that it has been using to secure its own development practices since 2019, the Secure Supply Chain Consumption Framework (S2C2F), previously the Open Source Software-Supply Chain Security (OSS-SSC) Framework. As a massive consumer of and contributor to open source, Microsoft understands the importance
Publish At:2022-11-29 17:37 | Read:99351 | Comments:0 | Tags:Cybersecurity IoT IoT security IoT security series security

Vulnerable SDK components lead to supply chain risks in IoT and OT environments

Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External tools and products that are managed by vendors and developers can pose a security risk, especially to targets in sensitive industries. Attacks on software and hardware supply
Publish At:2022-11-29 17:37 | Read:105176 | Comments:0 | Tags:Cybersecurity IoT Microsoft Microsoft security intelligence

Smart lights vulnerable to "blink and you'll miss it" attack

Over the last couple of years, key parts of our daily lives have been sliding into some form of Internet connectivity. Smartphones and other devices have become necessities. Paying bills? Those systems have moved online. Tax? Online. Wage slips and bank statements? It’s paperless time. Welfare assistance? There’s a login portal for that. In short
Publish At:2022-10-11 22:46 | Read:150265 | Comments:0 | Tags:News smart light system light bulb IoT Internet of Things co

The UK Smart Grid: How It Started & How It’s Going

It’s no secret that if nations want to meet the Net Zero emission targets set by international organizations by 2050, there’s a lot of work to be done. In the UK, one of the key initiatives aimed at reducing emissions and increasing energy efficiency is the development of the Smart Grid.What Is the Smart Grid?In 2014, the Department of Energy and Climate Cha
Publish At:2022-09-28 23:53 | Read:251519 | Comments:0 | Tags:ICS Security electicity Energy energy grid Energy Sector env

How Can Cybersecurity Professionals Account for Vulnerabilities in Fleet Data?

Fleet operations today revolve around data. Telematics systems, connected cars, and similar IoT systems provide fleet managers with a wealth of information, but this connectivity also raises security concerns.As data breach costs reach their highest point in decades, accounting for vulnerabilities in organizations’ data becomes increasingly crucial. Data-ric
Publish At:2022-09-28 23:53 | Read:706203 | Comments:0 | Tags:Featured Articles ICS Security data data protection IoT moto

Why Does Medical Imaging Equipment Need Better Cybersecurity?

Medical imaging cybersecurity needs to evolve to meet today’s security threats. Cyberthreats specifically targeting health care institutions have increased over recent years. More data is also at risk since patients have begun widely using telemedicine services. In addition to the risk of information theft, there is a very serious risk to patients, including
Publish At:2022-08-24 23:55 | Read:395794 | Comments:0 | Tags:Featured Articles Healthcare ICS Security IoT IoT security m

Over 80,000 Hikvision cameras can be easily hacked

Experts warn that over 80,000 Hikvision cameras are vulnerable to a critical command injection vulnerability. Security researchers from CYFIRMA have discovered over 80,000 Hikvision cameras affected by a critical command injection vulnerability tracked as CVE-2021-36260. The Chinese vendor addressed the issue in September 2021, but tens of thousands of de
Publish At:2022-08-23 13:11 | Read:249095 | Comments:0 | Tags:Breaking News Hacking Internet of Things Security CVE-2021-3

Beyond Shadow IT: Expert Advice on How to Secure the Next Great Threat Surface

You’ve heard all about shadow IT, but there’s another shadow lurking on your systems: Internet of Things (IoT) devices.  These smart devices are the IoT in shadow IoT, and they could be maliciously or unintentionally exposing information. Threat actors can use that to access your systems and sensitive data, and wreak havoc upon your company
Publish At:2022-08-23 12:22 | Read:279888 | Comments:0 | Tags:Software Vulnerabilities Network Risk Management iot devices

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Multiple flaws in MiCODUS MV720 Global Positioning System (GPS) trackers shipped with over 1.5 million vehicles can allow hackers to remotely hack them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers which are used
Publish At:2022-07-20 11:10 | Read:275595 | Comments:0 | Tags:Breaking News Hacking Internet of Things GPS hacking news in

QNAP warns of a critical PHP flaw that could lead to remote code execution

Taiwanese company QNAP is addressing a critical PHP vulnerability that could be exploited to achieve remote code execution. Taiwanese vendor QNAP is addressing a critical PHP vulnerability, tracked as CVE-2019-11043 (CVSS score 9.8 out of 10), that could be exploited to achieve remote code execution. In certain configurations of FPM setup it is possibl
Publish At:2022-06-23 08:10 | Read:156541 | Comments:0 | Tags:Breaking News Hacking Internet of Things Security hacking ne

Unfixed vulnerability in popular library puts IoT products at risk

Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform DNS poisoning attacks against a target device. The library is known to be used by major vendors such as Linksys, Netgear, and Axis, but also by Linux distributions such as Embedded Gentoo. Because the library maintainer was unable t
Publish At:2022-05-04 12:48 | Read:200230 | Comments:0 | Tags:Exploits and vulnerabilities dns poisoning IoT library mitm

A DNS flaw impacts a library used by millions of IoT devices

A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. The flaw also affects DNS implementation of al
Publish At:2022-05-03 10:56 | Read:226445 | Comments:0 | Tags:Breaking News Internet of Things Security DNS DNS hijacking

IoT and Cybersecurity: What’s the Future?

IoT gizmos make our lives easier, but we forget that these doohickeys are IP endpoints that act as mini-radios. They continuously send and receive data via the internet and can be the easiest way for a hacker to access your home network. IoT devices can spy on people, steal data, or bring down vast swathes of the internet, as happened in 2016 when Mir
Publish At:2022-05-02 06:26 | Read:294016 | Comments:0 | Tags:Breaking News Internet of Things Security hacking news infor

Synology and QNAP warn of critical Netatalk flaws in some of their products

Synology warns customers that some of its NAS devices are affected by multiple critical Netatalk vulnerabilities. Synology has warned customers that multiple critical Netatalk vulnerabilities affect some of its network-attached storage (NAS) devices. Netatalk is a free, open-source implementation of the Apple Filing Protocol 
Publish At:2022-05-01 10:56 | Read:450378 | Comments:0 | Tags:Breaking News Hacking Internet of Things Security hacking ne

New BotenaGo variant specifically targets Lilin security camera DVR devices

Researchers spotted a new variant of the BotenaGo botnet malware that is considered highly evasive and has a zero-detection rate. The BotenaGo botnet was first spotted in November 2021 by researchers at AT&T, the malicious code leverages thirty-three exploits to target millions of routers and IoT devices. BotenaGo was written in Golang (Go) an
Publish At:2022-04-20 03:04 | Read:406517 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Internet of Things Malware

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud