Cybersecurity
-
Vulnerabilities
Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347)
Vendor: DENX Software Engineering Vendor URL: https://www.denx.de/wiki/U-Boot Versions affected: v2012.10-rc1 to v2023.01-rc1 Systems Affected: All systems with CONFIG_DFU_OVER_USB or CONFIG_SPL_DFU…
-
Threat Intelligence
Microsoft to Block Excel Add-ins to Stop Office Exploits
Microsoft plans to add a feature to Office Excel that will make it harder for cyberattackers to exploit the spreadsheet…
-
Threat Intelligence
‘DragonSpark’ Malware: East Asian Cyberattackers Create an OSS Frankenstein
We imagine that the world’s most successful hackers write their own dangerous code and invest heavily in the technologies they…
-
Vulnerabilities
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)
The Galaxy App Store is an alternative application store that comes pre-installed on Samsung Android devices. Several Android applications are…
-
Vulnerabilities
Technical Advisory – NXP i.MX SDP_READ_DISABLE Fuse Bypass (CVE-2022-45163)
Vendor: NXP Semiconductors Vendor URL: https://www.nxp.com Affected Devices: i.MX RT 101x, i.MX RT102x, i.MX RT1050/6x, i.MX 6 Family, i.MX 7…
-
Vulnerabilities
Technical Advisory – OpenJDK – Weak Parsing Logic in java.net.InetAddress and Related Classes
Vendor: OpenJDK Project Vendor URL: https://openjdk.java.net Versions affected: 8-17+ (and likely earlier versions) Systems Affected: All supported systems Author: Jeff…
-
Vulnerabilities
Technical Advisory – Multiple Vulnerabilities in Juplink RX4-1800 WiFi Router (CVE-2022-37413, CVE-2022-37414)
Juplink’s RX4-1800 WiFi router was found to have multiple vulnerabilities exposing its owners to potential intrusion in their local WiFi…
-
Threat Intelligence
Pair of Galaxy App Store Bugs Offer Cyberattackers Mobile Device Access
The Galaxy App Store, the official mobile app store available on Samsung devices, has two vulnerabilities, which, if exploited, could allow…
-
Threat Intelligence
Hunting Insider Threats on the Dark Web
Insider threats are a serious and growing problem. According to recent research, malicious employees contribute to 20% of incidents and…
-
Vulnerabilities
There’s Another Hole In Your SoC: Unisoc ROM Vulnerabilities
UNISOC (formerly Spreadtrum) is a rapidly growing semiconductor company that is nowadays focused on the Android entry-level smartphone market. While…