HackDig : Dig high-quality web security articles

Securing Smart Cities from the Ground Up

Smart City network infrastructure demands a proactive approach to find vulnerabilities before hackers find themSmart technology continues to change how people live and interact with the cities around them. While the full value of a connected city evolves – one that leverages innovations powered by artificial intelligence and machine learning – cybersecurity
Publish At:2022-07-28 12:03 | Read:318 | Comments:0 | Tags:ICS/OT INDUSTRY INSIGHTS IoT Security

Updated TSA Pipeline Cybersecurity Requirements Offer More Flexibility

The Transportation Security Administration (TSA) has updated its directive for oil and natural gas pipeline cybersecurity, providing owners and operators more flexibility in achieving the outlined goals.After a ransomware attack conducted by a Russia-linked cybercrime group forced Colonial Pipeline to shut down systems in May 2021, the TSA issued a directive
Publish At:2022-07-25 12:03 | Read:445 | Comments:0 | Tags:ICS/OT NEWS & INDUSTRY Security Architecture Management

Unpatched Micodus GPS Tracker Vulnerabilities Allow Hackers to Remotely Disable Cars

Widely used vehicle GPS trackers from Micodus are affected by critical vulnerabilities that can be exploited by hackers to stalk people and remotely disable cars, according to cybersecurity company BitSight.BitSight researchers discovered the flaws last year and the company has been trying to responsibly disclose its findings to China-based GPS tracker suppl
Publish At:2022-07-19 16:13 | Read:313 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities IoT Security hack

Honda Admits Hackers Could Unlock Car Doors, Start Engines

“Rolling-PWN attack” targets Remote Keyless System on Honda vehiclesHonda has confirmed that researchers were indeed able to hack the remote keyless entry system of certain Honda vehicles to unlock the doors and start the engine.Over the weekend, security researchers Kevin2600 and Wesley Li from Star-V Lab published information on a security bug they identif
Publish At:2022-07-13 08:05 | Read:342 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities IoT Security hack

False Air Raid Sirens in Israel Possibly Triggered by Iranian Cyberattack

Air raid sirens sounded in the Israeli cities of Jerusalem and Eilat on Sunday evening and it appears that they were triggered by a cyberattack, possibly conducted by Iranian hackers.The sirens, which warn the population about rocket attacks, blared for nearly an hour, according to local media reports.An investigation conducted by the Israeli military found
Publish At:2022-06-21 09:13 | Read:574 | Comments:0 | Tags:Cyberwarfare ICS/OT NEWS & INDUSTRY IoT Security cyber

Schneider Electric, Claroty Launch Cybersecurity Solution for Buildings

Schneider Electric and industrial cybersecurity firm Claroty on Monday announced the launch of a joint solution designed for securing smart buildings.Buildings are becoming increasingly smart, but building management systems (BMS) are often affected by vulnerabilities that can allow threat actors to take control of HVAC, doors, security and other systems. So
Publish At:2022-06-14 09:13 | Read:530 | Comments:0 | Tags:ICS/OT NEWS & INDUSTRY IoT Security security cyber cyber

Researcher Shows How Tesla Key Card Feature Can Be Abused to Steal Cars

A researcher has shown how a key card feature introduced by Tesla last year could be abused to add an unauthorized key that allows an attacker to open and start a vehicle.The research was conducted by Martin Herfurt, an Austria-based member of the Trifinite research group, which focuses on Bluetooth security.Herfurt’s analysis targeted a change made by Tesla
Publish At:2022-06-13 09:12 | Read:658 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Wireless Security Vulner

Vulnerabilities in HID Mercury Access Controllers Allow Hackers to Unlock Doors

Access control products using HID Mercury controllers are affected by critical vulnerabilities that can be exploited by hackers to remotely unlock doors.The vulnerabilities were discovered by researchers at XDR firm Trellix, which launched earlier this year following the merger of McAfee Enterprise and FireEye.The issues were found in products from LenelS2 —
Publish At:2022-06-10 13:10 | Read:897 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities IoT Security hack

Threat Actors Start Exploiting Meeting Owl Pro Vulnerability Days After Disclosure

Threat actors have already started exploiting a severe vulnerability that Owl Labs addressed in its video conferencing devices earlier this week.Tracked as CVE-2022-31460 (CVSS score of 7.4), the security bug can be exploited to turn a vulnerable device into a rogue access point to the Wi-Fi network it is connected to.Impacting Owl Labs’ Meeting Owl Pro and
Publish At:2022-06-09 09:12 | Read:393 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Vulnerabilities Cybe

Owl Labs Patches Severe Vulnerability in Video Conferencing Devices

Video conferencing company Owl Labs has released patches for a severe vulnerability affecting its Meeting Owl Pro and Whiteboard Owl devices.Owl Labs’ Meeting Owl Pro features a 360° lens camera to offer a panoramic view of the conference room. It offers support for various video conferencing solutions, including Zoom, Skype, and Google Meet.Security researc
Publish At:2022-06-08 09:13 | Read:1146 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities IoT Security Vulnerabili

Critical U-Boot Vulnerability Allows Rooting of Embedded Systems

A critical vulnerability in the U-Boot boot loader could be exploited to write arbitrary data, which can allow an attacker to root Linux-based embedded systems, according to NCC Group.An open-source boot loader, U-Boot is used in various types of embedded systems, including ChromeOS and Android. It supports multiple architectures, including 68k, ARM, x86, MI
Publish At:2022-06-06 09:12 | Read:1693 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Vulnerabilities IoT Se

Ordr Raises $40 Million to Secure Connected Devices

Connected device security firm Ordr today announced that it has raised $40 million in a Series C funding round. To date, the company has raised more than $90 million.The new investment round was co-led by Battery Ventures and Ten Eleven Ventures, with participation from Northgate Capital, Kaiser Permanente Ventures, Mayo Clinic, Unusual Ventures, Wing Ventur
Publish At:2022-06-01 13:10 | Read:1007 | Comments:0 | Tags:NEWS & INDUSTRY Management & Strategy IoT Security

Researchers Devise Attack Using IoT and IT to Deliver Ransomware Against OT

Critical industries must prepare themselves for a new wave of ransomware attacks specifically targeting OTRansomware is a category of extortion. Its sole purpose is to extract money from the victim. As industry got better at avoiding ransom demands, the attackers added another level of extortion – data blackmail to create ‘double extortion’.As defenders get
Publish At:2022-06-01 09:12 | Read:468 | Comments:0 | Tags:ICS/OT NEWS & INDUSTRY IoT Security ransomware

Critical Vulnerabilities Found in Open Automation Software Platform

Cisco’s Talos research and threat intelligence unit revealed on Wednesday that one of its employees discovered several critical and high-severity vulnerabilities in the Open Automation Software Platform.Open Automation Software is a US-based company that provides connectivity solutions for ICS or IoT devices, databases, and custom applications. The company’s
Publish At:2022-05-26 09:23 | Read:1085 | Comments:0 | Tags:ICS/OT NEWS & INDUSTRY Vulnerabilities IoT Security

Over $1.1 Million Awarded at Pwn2Own Vancouver 2022 for 25 Zero-Day Vulnerabilities

Participants earned a total of more than $1.15 million at the Pwn2Own Vancouver 2022 hacking contest last week.According to Trend Micro’s Zero Day Initiative (ZDI), which organizes the event, rewards were paid out for 25 unique zero-day vulnerabilities that were used to target Tesla Model 3, Windows 11, Ubuntu, Microsoft Teams, Safari, Firefox and Oracle Vir
Publish At:2022-05-23 09:12 | Read:1039 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities IoT Security

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud