Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks

Security vulnerabilities have been disclosed in the industrial remote access solution Ewon Cosy+ that could be abused to gain root privileges to the devices and stage follow-on attacks. The elevated access could then be weaponized to decrypt encrypted firmware files and encrypted data such as...

Cisco Fixes High-Severity Code Execution and VPN Hijacking Flaws

By Deeba Ahmed Cisco announced patches for high-severity vulnerabilities on Wednesday, March 6, 2024. This is a post from HackRead.com Read the original post: Cisco Fixes High-Severity Code Execution and VPN Hijacking Flaws...

Linux Bug Opens Most VPNs to Hijacking

A vulnerability in most Linux distros has been uncovered that allows a network-adjacent attacker to hijack VPN connections and inject rogue data into the secure tunnels that victims are using to communicate with remote servers. According to researchers at University of New Mexico and Breakpointin...

Clientless SSL VPNs Break Web Browser Security Models

Clientless SSL VPN products from multiple vendors operate in a way that breaks fundamental browser security mechanisms, according to a warning from the U.S. Computer Emergency Response Team US-CERT. This security problem, discussed since at least 2006, could let an attacker could use these device...