Exploits and vulnerabilities

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root - Researchers found 11 vulnerabilities in IP camera firmware, but the vendor refused to work with them. As a result users are left wondering whether their camera's can be taken over remotely.
Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach - Kaseya Unitrends, another service offered by Kaseya, includes a newly-discovered vulnerability. It's not as bad as Kaseya VSA's flaws.
Millions of Windows machines affected by ancient printer vulnerability - A vulnerability in laser printer drivers for Windows has been lying dormant for 16 years.
HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11 - HiveNightmare, aka SeriousSAM, allows attackers to extract hashed passwords from Shadow copies of the registry.
US, EU, UK, NATO blame china for “reckless” Exchange attacks - The US, UK, EU, and NATO have have issued a coordinated, public censure of China for its role in attacks against  Exchange servers earlier this year.
SonicWall warns users of “imminent ransomware campaign” - SonicWall is just the latest security vendor to see its products used to perpetuate ransomware attacks.
Four in-the-wild exploits, 13 critical patches headline bumper Patch Tuesday - Looking at the urgency levels Microsoft has assigned to this month's patches, sysadmins have their work cut out for them once again.
How one word can disable an iPhone’s WiFi functionality - A researcher has found a way to disable the WiFi functionality on iPhones by getting them to join a WiFi hotspot with a weird name. This shouldn't be happening.
UPDATED: Patch now! Emergency fix for PrintNightmare released by Microsoft - Microsoft has issued out-of-band updates for the remote code execution PrintNightmare vulnerability.

Select your language