Eavesdropping Bugs in MediaTek Chips Affect 37% of All Smartphones and IoT Globally – Tempemail

Multiple security weaknesses have been disclosed in MediaTek system-on-chips (SoCs) that could have enabled a threat actor to elevate privileges and execute arbitrary code in the firmware of the audio processor, effectively allowing the attackers to carry out a “massive eavesdrop campaign” without the users’ knowledge. The discovery of the Continue Reading

We need to rethink Halloween costumes – they affect our children- Tempemail

When I was growing up in America, Halloween was a chance for creative juices to flow when it came to inventing and assembling costumes. We could dress up as anything – a cartoon character, an astronaut, a crayon, our favourite superhero, or any other person, place, or thing we felt Continue Reading

Cop26 road closures: How climate change summit will affect travel in Glasgow- Tempemail

More than 25,000 delegates are set to descend on Glasgow in less than two weeks when the Cop26 climate summit which was delayed by Covid-19 finally begins. Hosted by the UK under the presidency of former business secretary Alok Sharma and in partnership with Italy, the summit at the city’s Continue Reading

Critical Auth Bypass Bug Affect NETGEAR Smart Switches — Patch and PoC Released – Tempemail

Networking, storage and security solutions provider Netgear on Friday issued patches to address three security vulnerabilities affecting its smart switches that could be abused by an adversary to gain full control of a vulnerable device. The flaws, which were discovered and reported to Netgear by Google security engineer Gynvael Coldwind, Continue Reading

Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices – Tempemail

Cybersecurity researchers on Wednesday disclosed 14 vulnerabilities affecting a commonly-used TCP/IP stack used in millions of Operational Technology (OT) devices manufactured by no fewer than 200 vendors and deployed in manufacturing plants, power generation, water treatment, and critical infrastructure sectors. The shortcomings, collectively dubbed “INFRA:HALT,” target NicheStack, potentially enabling an Continue Reading

Several New Critical Flaws Affect CODESYS Industrial Automation Software – Tempemail

Cybersecurity researchers on Wednesday disclosed multiple security vulnerabilities impacting CODESYS automation software and the WAGO programmable logic controller (PLC) platform that could be remotely exploited to take control of a company’s cloud operational technology (OT) infrastructure. The flaws can be turned “into innovative attacks that could put threat actors in Continue Reading

New High-Severity Bugs Affect 128 Dell PC and Tablet Models – Tempemail

Cybersecurity researchers on Thursday disclosed a chain of vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS that could be abused by a privileged network adversary to gain arbitrary code execution at the BIOS/UEFI level of the affected device. “As the attacker has the ability to remotely execute code in Continue Reading

New Spectre Flaws in Intel and AMD CPUs Affect Billion of Computers – Tempemail

When Spectre, a class of critical vulnerabilities impacting modern processors, was publicly revealed in January 2018, the researchers behind the discovery said, “As it is not easy to fix, it will haunt us for quite some time,” explaining the inspiration behind naming the speculative execution attacks. Indeed, it’s been more Continue Reading

BIOS PrivEsc Bugs Affect Hundreds of Millions of Dell PCs Worldwide – Tempemail

PC maker Dell has issued an update to fix multiple critical privilege escalation vulnerabilities that went undetected since 2009, potentially allowing attackers to gain kernel-mode privileges and cause a denial-of-service condition. The issues, reported to Dell by researchers from SentinelOne on Dec. 1, 2020, reside in a firmware update driver Continue Reading

Flaws in Two Popular WordPress Plugins Affect Over 7 Million Websites – Tempemail

Researchers have disclosed vulnerabilities in multiple WordPress plugins that, if successfully exploited, could allow an attacker to run arbitrary code and take over a website in certain scenarios. The flaws were uncovered in Elementor, a website builder plugin used on more than seven million sites, and WP Super Cache, a Continue Reading