22 Jan 2019

Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution

A security researcher with Embedi has discovered several vulnerabilities affecting the ThreadX firmware for Wi-Fi chipsets in laptops and Internet of Things (IoT) devices. Among the flaws is a block pool overflow that can enable attackers to remotely execute code on certain devices without any user interaction (zero-click). The vulnerability affects

Read More
17 Jan 2019

Over 140 International Airlines Affected by Major Security Breach

A security researcher with Safety Detective has found a major security flaw in Amadeus, a ticket booking system covering 44% of worldwide online flight ticket reservations. The flaw, which has been fixed, could have allowed threat actors to gain access to flight booking information and even change details of bookings

Read More
10 Jan 2019

Critical Flaw in Cisco’s Email Security Appliance Enables ‘Permanent DoS’

Cisco has plugged 18 vulnerabilities, including two flaws that could allow threat actors to carry out denial of service (DoS) attacks on affected machines by means of sending an email. One of the DoS bugs was rated as critical, and the other as “high” in terms of severity. The 16 remaining

Read More