5 matches found
GLPI Cross-Site Scripting Vulnerability (CNVD-2021-17778)
GLPI is an open source software for IT equipment management, developed using the PHP language. A cross-site scripting vulnerability exists in GLPI versions prior to 9.5.4 when a logged-in user is updating a work order, and no detailed vulnerability details are available at this time...
Enterprise Security Woes Explode with Home Networks in the Mix
The work-from-home WFH paradigm that has become the new normal in the age of coronavirus comes with exacerbated network security risk – as evidenced by growing a number of botnets and automated attacks that are taking advantage of known vulnerabilities in both consumer and corporate IT gear. The...
Adding a Hardware Backdoor to a Networked Computer
Interesting proof of concept: At the CS3sthlm security conference later this month, security researcher Monta Elkins will show how he created a proof-of-concept version of that hardware hack in his basement. He intends to demonstrate just how easily spies, criminals, or saboteurs with even minima...
Planting Tiny Spy Chips in Hardware Can Cost as Little as $200
A new proof-of-concept hardware implant shows how easy it may be to hide malicious chips inside IT equipment...
Audit: NASA Fails To Properly Wipe Data From Discarded Drives
A recent internal audit at NASA, the U.S. space agency, found significant weakness in the way the agency disposes of IT equipment, including evidence that used hard drives containing sensitive NASA data may have been sold to the public on the secondhand market. The audit focused on the Johnson an...