Johnson Controls iSTAR Configuration Utility security vulnerability

Johnson Controls iSTAR Configuration Utility is a software tool developed by Johnson Controls for configuring and managing iSTAR Controllers. Versions of the ICU 6.9.7 and earlier contain security vulnerabilities; these vulnerabilities stem from stack buffer overflows, which may lead to operating...

A week with a "smart" car

Welcome to this week's edition of the Threat Source newsletter. June 9 was Whit Monday -- a bank holiday here in Germany -- so I decided to take the whole week off. It turned out to be the perfect opportunity to try out a brand new car. Little did I know, I was about to get a crash course in mode...

Linux Distros Unpatched Vulnerability : CVE-2024-57881

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In...

Dumb Password Rules

Examples of dumb password rules. There are some pretty bad disasters out there. My worst experiences are with sites that have artificial complexity requirements that cause my personal password-generation systems to fail. Some of the systems on the list are even worse: when they fail they dont tel...

Fedora: Security Advisory for busybox (FEDORA-2021-e82915eee1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Europe’s Galileo Satellite Outage Serves as a Warning

The dramatic EU Galileo incident underscores the threat of satellite timing and navigation system failures...

[ThreatFactor NSIA v1.0.6] Network System Integrity Analysis

ThreatFactor NSIA is a website scanner that monitors websites in real-time in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. ThreatFactor detects issues remotely and therefore requires no software to install, does not introduce any...

World Economic Forum Sees Dark Side To Connectivity

The latest edition World Economic Forum’s Global Risks Report takes a dim view of our hyper connected world. At the group’s annual meeting in Davos, Switzerland, members wrestled with the consequences of ubiquitous Internet connectivity, concluding that groups or individuals with few resources ar...

Denial of Service Vulnerability in Sun AnswerBook2

Topic: Denial of Service Vulnerability in Sun AnswerBook2 Date: 10/24/2000 Status: Vendor Contacted 10/10/2000, Currently unsolved Scope: Local and Remote Denial of Service Platforms: SunOS 5.6, Presumably any running AnswerBook2 Authors: Dave Monnier, Dick Repasky Unix Workstation Support Group...