Assessing Cybersecurity Risks and Traffic Impact in Connected Autonomous Vehicles

Given the promising future of autonomous vehicles, it is foreseeable that self-driving cars will soon emerge as the predominant mode of transportation. While autonomous vehicles offer enhanced efficiency, they remain vulnerable to external attacks. In this research, we sought to investigate the...

Belief in False Information: A Human-Centered Security Risk in Sociotechnical Systems

This paper provides a comprehensive literature review on the belief in false information, including misinformation, disinformation, and fake information. It addresses the increasing societal concern regarding false information, which is fueled by technological progress, especially advancements in...

EUVD-2017-11294

Malware in sbrugna...

EUVD-2021-12131

Malware in sbrugna...

EUVD-2023-53329

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-49344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Temporary data passed between application components by Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. The data is stored in a...

CVE-2024-49396

The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information...

CVE-2024-49396 Insufficiently Protected Credentials in Elvaco M-Bus Metering Gateway CMe3100

The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information...

CVE-2024-49396

CVE-2024-49396 affects Elvaco M-Bus Metering Gateway CMe3100 (version 1.12.1). The flaw is insufficiently protected credentials, enabling an attacker to impersonate Elvaco and send false information. Public documentation from CISA/ICSA notes remote exploitation with low attack complexity and prov...

Don’t share the viral Instagram Meta AI “legal” post

A new variation of a hoax that has been doing the rounds on Facebook for years has crossed over to Instagram. We’re seeing this post on Instagram Stories a lot suddenly over the last few days. The post is usually posted as a shareable screenshot on Instagram Stories, but it’s also been spotted on...

CVE-2023-30312

An issue discovered in OpenWrt 18.06, 19.07, 21.02, 22.03, and beyond allows off-path attackers to hijack TCP sessions, which could lead to a denial of service, impersonating the client to the server e.g., for access to files over FTP, and impersonating the server to the client e.g., to deliver...

CVE-2023-30312

An issue discovered in OpenWrt 18.06, 19.07, 21.02, 22.03, and beyond allows off-path attackers to hijack TCP sessions, which could lead to a denial of service, impersonating the client to the server e.g., for access to files over FTP, and impersonating the server to the client e.g., to deliver...

bind: DNS forwarders - cache poisoning vulnerability

A cache poisoning vulnerability was found in BIND when using forwarders. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. This flaw allows a remote high...

SUSE CVE-2023-49346

Temporary data passed between application components by Budgie Extras WeatherShow applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...

Ubuntu 22.04 LTS / 23.04 / 23.10 : Budgie Extras vulnerabilities (USN-6556-1)

The remote Ubuntu 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6556-1 advisory. It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to injec...

CVE-2023-49343

Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...

CVE-2023-49345

Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...

CVE-2023-49346

Temporary data passed between application components by Budgie Extras WeatherShow applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...

DEBIAN-CVE-2023-49344

Temporary data passed between application components by Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present...

CVE-2023-49344

Temporary data passed between application components by Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present...