Skip to content

Home Early Warning System Advisories
Advisory
Real-time location data of thousands of kids is exposed by this smartwatch
Wednesday, 04 December 2019 15:46

AV-TEST Institute discovered that SMA-WATCH-M2, a smartwatch featuring a GPS tracker manufactured by a Chinese firm named Shenzhen Smart Care Technology has been found vulnerable in terms of data and location security. There is data of as much as 5000 children globally is at stake on the firm's unencrypted servers which includes names, addresses, age, images and voice messages of these children. It has been informed Shenzhen of this vulnerability by AV-TEST Institute but despite this, the issue still persists. It's adviced that the parents should stop using this kind of smartwatch until this kind of vulnerability is fixed.

 
Linux Security Update Overview (Nov 27, 2019)
Wednesday, 27 November 2019 10:43

The following Linux distributions have released security updates to fix vulnerabilities:
OpenSUSE: Security updates for haproxy, apache perl, java, and others.
RedHat: Security updates for sdl, chromium, python, and others.
Oracle Linux: Security updates for php, the kernel, sudo, and others.
Debian: Security updates for chromium and others.
Gentoo Linux: Security updates for firefox, chromium, flash, and others.
Amazon Linux: Security updates for python and others.
Amazon Linux 2: Security updates for the kernel, python, ntp, rsyslog and others.

 
Decrypt your data from Hakbit & Jigsaw ransomware for free
Tuesday, 26 November 2019 16:16

It's unfortunate that someday you turn on your PC, you are encountered with an unpleasant message stating:"Your files have been encrypted, follow the instructions below to decrypt them."Usually, these instructions include the attacker asking for a certain amount of money in exchange for the victim getting their data back. Luckily the victims are not trapped in this anymore. The cyber security firm Emisoft has released decrypter for Hakbit and Jigsaw ransomware that would unlock the encrypted files for free.

 
Attackers Could Spy on You through Your Android Camera
Thursday, 21 November 2019 17:13

An Android camera flaw has been reported that could allow attackers to take pictures, record videos, or extract GPS data without requiring any explicit permissions from users by Checkmars, which is known to be available on the Google Camera and Samsung Camera apps until July 2019 and is listed as CVE-2019-2234. It is also said to have existed in a large number of apps on Google Play, thus, the scope of the Android camera flaw appears to be quite wide. A patch has also been made available to all Android vendors. It is recommended to have the latest software updates along with the most recent app versions.

 
Vulnerabilities in IBM WebSphere Application Server Liberty & Curl
Wednesday, 20 November 2019 16:06

IBM WebSphere Application Server Liberty contains a vulnerability resulting in improper handling of request headers, which can affect IBM Spectrum Protect Operations Center. A remote attacker could exploit this vulnerability to cause the consumption of Memory.
Two vulnerabilities in curl affect PowerSC. An integer overflow in curl's URL API results in a buffer overflow and a heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 379
[YOUR IP: 100.26.176.182: 41206] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...