Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Chinese hackers have used a zero-day in the Trend Micro OfficeScan antivirus during their attacks on Mitsubishi Electric, ZDNet has learned from sources close to the investigation. Trend Micro has now patched the vulnerability, but the company did not comment if the Read More …

Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices

A collection of six cybersecurity vulnerabilities in a range of GE Healthcare devices for hospitals has been discovered. Dubbed “MDhex” by the researchers at CyberMDX who discovered them, the bugs would allow attackers to disable the devices, harvest personal health Read More …

FBI: Nation-state actors have breached two US municipalities

Nation-state hackers have breached the networks of two US municipalities last year, the FBI said in a security alert sent to private industry partners last week. The hacks took place after attackers used the CVE-2019-0604 vulnerability in Microsoft SharePoint servers to breach Read More …

Critical Remote Code-Execution Bugs Threaten Global Power Plants

Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants are riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution. The affected product is SPPA-T3000, a distributed control system used for Read More …

BMW and Hyundai hacked by Vietnamese hackers, report claims

German media is reporting that hackers suspected to have ties to the Vietnamese government have breached the networks of two car manufacturers, namely BMW and Hyundai. The report, coming from Bayerischer Rundfunk (BR) and Taggesschau (TS), claims that hackers breached the network of a Read More …

Major vulnerability patched in the EU’s eIDAS authentication system

European authorities have released today a patch for the eIDAS system. The patch fixes two security flaws that could allow an attacker to pose as any EU citizen or business during official transactions. eIDAS stands for electronic IDentification, Authentication and trust Services. It is a Read More …

Uncovering IoT Threats in the Cybercrime Underground

Amid the growth of the internet of things (IoT), manufacturers and integrators are testing the limits of how the technology can be applied, as seen in how new forms of connected devices are hitting the market. Some applications play critical Read More …

Popular SoC Boards Have An Unpatchable Security Flaw, Leaving Many Automotive, Industrial And Military Components At Risk

Researchers conducting a routine security audit recently discovered two serious security flaws within a popular brand of System on a Chip (SoC) boards. The security vulnerability undermines secure boot capabilities. What’s most concerning is the fact that the SoC is Read More …

Cyberattack warning to small plane owners: How your aircraft could be vulnerable

The alert from the DHS critical infrastructure computer emergency response team. warns that modern flight systems are vulnerable to hacking if a person manages to gain unrestricted access to an aircraft. The alert also recommends that small plane owners restrict unauthorized physical Read More …