122 matches found
Multiple Quick Heal Products Input Validation Error Vulnerability
Quick Heal Total Security, Home Security and Total Security Multi-Device are antivirus programs from Quick Heal India. A security vulnerability exists in the AV parsing engine in several Quick Heal products. The vulnerability can be exploited by attackers to bypass virus checks with the help of...
CVE-2020-9362
The Quick Heal AV parsing engine November 2019 allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Andro...
Design/Logic Flaw
The Quick Heal AV parsing engine November 2019 allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Andro...
The US Blames Russia's GRU for Sweeping Cyberattacks in Georgia
By calling out Russia for digital assaults on its neighboring country, the US hopes to head off similar efforts at home...
Home and Away, All Year Round: How Can I Keep My Kids Safe Online?
We’re well into another school year in the US and elsewhere. For many parents and their kids, this can be a stressful time — demanding new routines, more study and longer days. But how many of us think about the potential extra cyber risks to our family that might also emerge during this time? Th...
Security Camera Firm Arlo Zaps High-Severity Bugs
Two high-severity vulnerabilities in Arlo Technologies’ wireless home security camera gear have been patched. The flaws, which indirectly impact Arlo’s popular fleet of wireless home security cameras, are limited to adversaries with local network and physical access to Arlo Base Stations. Both...
How we hacked our colleague’s smart home
In this article, we publish the results of our study of the Fibaro Home Center smart home. We identified vulnerabilities in Fibaro Home Center 2 and Fibaro Home Center Lite version 4.540, as well as vulnerabilities in the online API. An offer you cannot refuse The backbone of any technology compa...
Smart speakers: Christmas treat or lump of coal?
Christmas is nearly upon us, and thoughts are perhaps turning to various digital presents of a “smart” nature. Home security, hubs, speakers, cameras, and mashups of all of those and more besides. With regards to speakers, the most immediate pieces of your home are theoretically at your beck and...
Malwarebytes is a champion of National Cybersecurity Awareness Month
October is here. For most of us in the US cybersecurity industry, it’s the month when we commemorate National Cybersecurity Awareness Month NCSAM. For those who are unfamiliar with this campaign, NCSAM generally aims at driving awareness for safe Internet use, whether you're a regular consumer or...
kids24.co.kr XSS vulnerability
Open Bug Bounty ID: OBB-675472 Description| Value ---|--- Affected Website:| kids24.co.kr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
The Logitech smart home management system, the Logitech Harmony Hub vulnerability analysis-vulnerability warning-the black bar safety net
! Recently, fireeye Mandiant Red Team team found that the Logitech smart IOT home management system the Logitech Harmony Hub, the presence of a plurality of available vulnerability, an attacker can exploit these vulnerabilities to bypass system restrictions, through SSH access to the device Syste...
Hijacking Philips Hue
We were filming a smart home hacking piece on the 5th May this year. Like most home users, the Wi-Fi PSK wasn’t strong enough, so we cracked it and joined the network. The user had a Philips Hue lighting system. None of us here had looked at Hue before - we made an assumption after the previous...
Bugs in Logitech Harmony Hub Put Connected IoT Devices at ‘High Risk’
Vulnerabilities found in the Logitech Harmony Hub can give adversaries root access to the device – allowing attackers to control other smart home devices linked to it, such as smart locks and connected surveillance cameras. Researchers at FireEye’s Mandiant Red team identified four vulnerabilitie...
JShielder - Automates The Process Of Installing All The Necessary Packages To Host A Web Application And Hardening A Linux Server
JSHielder is an Open Source tool developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server wi...
chicago-home-security.com XSS vulnerability
Open Bug Bounty ID: OBB-587496 Description| Value ---|--- Affected Website:| chicago-home-security.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Smart home devices can be hacked within minutes through Google search
By Waqas The Internet of Things IoT devices, especially smart home devices, This is a post from HackRead.com Read the original post: Smart home devices can be hacked within minutes through Google search...
Data Privacy in the Age of IoT
On Data Privacy Day, January 28th, we should have all taken a few moments to think more carefully about safeguarding our personal data, staying safe online, and improving our privacy habits. Just what does that mean in the age of IoT — the Internet of Things? In previous years, cyber threats most...
CVE-2017-16867
The CVE-2017-16867 entry describes Amazon Key’s Cloud Cam mishandling 802.11 deauthentication frames during delivery, allowing a camera to be frozen and an interior entry under two scenarios. Affected: Cloud Cam devices used with Amazon Key up to 2017-11-16. Root cause: mishandling of deauth fram...
CVE-2017-9478
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST and DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices sets the CM MAC address to a value with a two-byte offset from the MTA/VoIP MAC address, which indirectly allows remote...
CVE-2017-9476
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST; Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST; and Arris TG1682G eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG16822.2p7s2PRODsey devices makes it easy for...