Trending
Heat Index
exploits
Most Recent
 
Read More
March 16, 2019

How a wireless keyboard lets hackers take full control of connected computers

Enlarge (credit: Fujitsu)

There’s a critical vulnerability in a model of Fujitsu wireless keyboard that makes it easy for hackers to take full control of connected computers, security researchers warned on Friday. Anyone using the keyboard model should strongly consider replacing it immediately.

The Fujitsu Wireless Keyboard Set LX901 uses a proprietary 2.4 GHz radio communication protocol called WirelessUSB LP from Cypress Semiconductor. While the keyboard and mouse send input that’s protected with the time-tested Advanced Encryption Standard, the USB dongle that accepts the input accepts unencrypted packets as well, as long [...]

 
Read More
March 15, 2019

Nasty WinRAR bug is being actively exploited to install hard-to-detect malware

Enlarge (credit: Michael Theis / Flickr)

Malicious hackers wasted no time exploiting a nasty code-execution vulnerability recently disclosed in WinRAR, a Windows file-compression program with 500 million users worldwide. The in-the-wild attacks install malware that, at the time this post was going live, was undetected by the vast majority of antivirus product.

The flaw, disclosed last month by Check Point Research, garnered instant mass attention because it made it possible for attackers to surreptitiously install persistent malicious applications when a target opened a compressed ZIP file using any version of WinRAR released [...]

 
Read More
February 26, 2019

Supermicro hardware weaknesses let researchers backdoor an IBM cloud server

Enlarge (credit: Jeremy Brooks / Flickr)

More than five years have passed since researchers warned of the serious security risks that a widely used administrative tool poses to servers used for some of the most sensitive and mission-critical computing. Now, new research shows how baseboard management controllers, as the embedded hardware is called, threaten premium cloud services from IBM and possibly other providers.

In short, BMCs are motherboard-attached microcontrollers that give extraordinary control over servers inside datacenters. Using the Intelligent Platform Management Interface, admins can reinstall operating [...]

 
Read More
February 22, 2019

Millions of websites threatened by highly critical code-execution bug in Drupal

Enlarge (credit: Victorgrigas)

Millions of sites that run the Drupal content management system run the risk of being hijacked until they’re patched against a vulnerability that allows hackers to remotely execute malicious code, managers of the open source project warned Wednesday.

CVE-2019-6340, as the flaw is tracked, stems from a failure to sufficiently validate user input, managers said in an advisory. Hackers who exploited the vulnerability could, in some cases, run code of their choice on vulnerable websites. The flaw is rated highly critical.

“Some field types do not properly sanitize data from [...]

Latest Headlines
 
 
Read More
 

Trending Topics
Tech
Gaming
Android
Apple
gear
News
TC
Deals
Google
Top Stories
 
 
 
 
 
 
 
 
Right Now
 
 
 
 
 
 
Top Five
Heat Index
 
1
Black Friday 2018’s Nintendo Eshop Game Deals (Switch/3DS): Zelda, Dead Cells, Monster Hunter, More
 
2
Red Dead Redemption 2 Guide: Legendary Animals, Pelts, And Where To Find Them
 
3
Canada’s Corel is acquiring virtualization specialist Parallels in an all-cash deal
 
4
How a 19th-Century Teenager Sparked a Battle Over Who Owns Our Faces
 
5
FiLMiC Pro adds LogV2 support for greatly improved dynamic range on latest iPhones