vulnerability-research

Vulnerability Research & Responsible Disclosure Shivam Paji...

EUVD-2017-2364

Malware in sbrugna...

EUVD-2017-2367

Malware in sbrugna...

EUVD-2022-39482

Malicious code in bioql PyPI...

CVE-2023-24825

RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device to trigger a NULL pointer dereference leading to denial of service. This issue is fixe...

CVE-2020-14936

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmpoiddecodeoid may overwrite memory areas beyond the provided...

New Mirai Botnet Variants Observed: How to Identify a Mirai-Style DDoS Attack

The Mirai Internet of Things IoT botnet, notorious for targeting connected household devices like cameras, alarm systems, and personal routers, continues evolving and poses significant cybersecurity threats. It has a history of executing massive DDoS attacks, including a major incident that...

CVE-2023-24825 RIOT-OS vulnerable to NULL pointer dereference in gnrc_pktbuf_mark

RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device to trigger a NULL pointer dereference leading to denial of service. This issue is fixe...

Contiki-NG Out-of-Bounds Write Vulnerability

"Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds write vulnerability exists in Contiki-NG versions prior to 4.6 when processing 6LoWPAN extension headers. The vulnerability stems from a failure to check whether the written header is...

Contiki-NG Out-of-Bounds Read Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds read vulnerability exists in the 6LoWPAN implementation in Contiki-NG 4.6 and earlier. The vulnerability stems from the IPv6 header decompression function not performing proper boundary...

We Be Jammin’ – Bypassing Chamberlain myQ Garage Doors

ARCHIVED STORY We Be Jammin’ – Bypassing Chamberlain myQ Garage Doors Sam Quinn · JAN 06, 2020 The idea of controlling your garage door remotely and verifying that everything is secure at home, or having packages delivered directly into your garage is enticing for many people. The convenience tha...

Don't let your factory plant become the next cybersecurity victim

In 2014, a smart refrigerator had been caught red-handed for spawning over 750,000 spam emails after hijacked by a botnet attack. It is the first documented attack worldwide for Internet of Things to have fallen prey to hackersi. A more recent case in the US concerns an internet connected...

FTC Issues Public Challenge to Improve IoT Patching

Admittedly, patching existing connected devices in the wild is easier said than done. But that’s not deterring the Federal Trade Commission from soliciting help in finding a solution. The U.S. government agency today announced the kickoff of the FTC IoT Home Inspector Challenge, a prize contest...

1 2 years ago SSH vulnerability can also? IOT device security concern-vulnerability warning-the black bar safety net

! Overview According to foreign media the latest report, Akamai is the company's security research experts this week found a new type of attack. According to the security expert described, the attacker can use the one there for twelve years, SSH vulnerability, and with some security of the weaker...