Sign-up

VARIoT news about IoT security

Apple iPhone and MacBook users are at a high risk of being hacked, Indian govt warns - India Today

Trust: 3.0

Fetched: Feb. 4, 2024, 9:53 a.m., Published: Feb. 1, 2024, 6:24 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: tvos
vendor: apple model: macbook
vendor: apple model: icloud
vendor: apple model: ipad
vendor: apple model: ipod touch
vendor: apple model: apple tv
vendor: apple model: watch
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: macos

US government tells federal agencies they have 48 hours to repair Ivanti VPN tech following breaches | TechRadar

Trust: 5.0

Fetched: Feb. 4, 2024, 9:47 a.m., Published: Feb. 2, 2024, 1:04 p.m.
 Vulnerabilities: authentication bypass, code injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-21887, CVE-2023-46805

Risk Dashboard - Arctic Wolf Docs

Trust: 3.0

Fetched: Feb. 4, 2024, 9:46 a.m., Published: Jan. 25, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

SonicWall firewall vulnerability impacts 178,000 devices

Trust: 4.5

Fetched: Feb. 4, 2024, 9:46 a.m., Published: Jan. 16, 2024, 7:45 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: sonicwall model: remote access
db: NVD ids: CVE-2022-22274, CVE-2023-0656

Apple and Google Just Patched Their First Zero-Day Flaws of the Year | WIRED

Trust: 5.5

Fetched: Feb. 4, 2024, 9:44 a.m., Published: Jan. 31, 2024, noon
 Vulnerabilities: code execution, memory corruption, feature bypass...
Affected productsExternal IDs
vendor: google model: chrome
vendor: cisco model: unified communications
db: NVD ids: CVE-2024-0808, CVE-2024-0743, CVE-2024-0755, CVE-2024-0807, CVE-2024-20677, CVE-2024-0741, CVE-2024-20253, CVE-2023-49583, CVE-2023-50422, CVE-2024-0812, CVE-2024-21737, CVE-2024-20674

ICS Advisory: Gessler GmbH WEB-MASTER - globalregulatoryinsights

Trust: 3.0

Fetched: Feb. 4, 2024, 9:44 a.m., Published: Feb. 1, 2024, 4:20 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-1040, CVE-2024-1039

Relution Remote Code Execution via Java Deserialization Vulnerability - Security Boulevard

Trust: 4.75

Fetched: Feb. 4, 2024, 9:41 a.m., Published: Feb. 1, 2024, 3:09 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-48178

Tesla Hacks Show Importance of Protecting Connected Devices

Trust: 5.5

Fetched: Feb. 4, 2024, 9:40 a.m., Published: Feb. 2, 2024, 2:42 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
vendor: trend model: security
vendor: trend model: antivirus
vendor: trend micro model: security
vendor: trend micro model: antivirus
db: NVD ids: CVE-2023-49722

Future Internet | Free Full-Text | A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices

Trust: 3.0

Fetched: Feb. 4, 2024, 9:32 a.m., Published: Feb. 4, 2020, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw | ZDNET

Related entries in the VARIoT vulnerabilities database: VAR-202004-1957

Trust: 3.5

Fetched: Feb. 4, 2024, 9:32 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel xl
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2020-9770

Guide to the 25 Best Vulnerability Scanning Tools in 2024 - The CTO Club

Trust: 3.5

Fetched: Feb. 4, 2024, 9:30 a.m., Published: Jan. 4, 2024, 5:23 a.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: wireshark model: wireshark

Microsoft Defender Vulnerability Management - Common Microsoft 365 Security Mistakes Series - Ru Campbell MVP

Trust: 3.0

Fetched: Feb. 4, 2024, 9:29 a.m., Published: Feb. 3, 2024, 10:57 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-24055

CISA mandates agencies close 2 cyber vulnerabilities immediately

Trust: 4.5

Fetched: Feb. 4, 2024, 9:22 a.m., Published: Jan. 19, 2024, 3:15 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: pulsesecure model: connect secure
vendor: pulsesecure model: policy secure
db: NVD ids: CVE-2024-21887, CVE-2023-46805

Agencies using vulnerable Ivanti products have until Saturday to disconnect them | Ars Technica

Trust: 3.75

Fetched: Feb. 4, 2024, 9:16 a.m., Published: Feb. 1, 2024, 11:45 p.m.
 Vulnerabilities: request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2024-21893, CVE-2024-21888

Medical Device Vulnerability Management: Expert Solutions

Trust: 3.0

Fetched: Feb. 4, 2024, 9:10 a.m., Published: Aug. 4, 2023, 2:12 p.m.
 Vulnerabilities: -
Affected productsExternal IDs

Medical Device Vulnerability Management: Best Practices for Ensuring Patient Safety

Trust: 3.75

Fetched: Feb. 4, 2024, 9:09 a.m., Published: Aug. 4, 2023, 12:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

QNAP QTS / QuTS hero Vulnerability in QTS and QuTS hero (QSA-2... | TenableĀ®

Trust: 3.25

Fetched: Feb. 2, 2024, 10:54 a.m., Published: Feb. 2, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: qnap model: qnap qts

Future Internet | Free Full-Text | A Holistic Analysis of Internet of Things (IoT) Security: Principles, Practices, and New Perspectives

Trust: 4.5

Fetched: Feb. 2, 2024, 10:53 a.m., Published: Jan. 24, 2024, midnight
 Vulnerabilities: resource exhaustion, session hijacking
Affected productsExternal IDs
vendor: delegate model: delegate

Distributed Energy Generation Gateway (In)Security - Security News - Trend Micro IN

Trust: 4.75

Fetched: Feb. 2, 2024, 10:52 a.m., Published: -
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: trend model: security
vendor: enphase model: envoy
vendor: trend micro model: security

Apple has a new vulnerability in the system! Which devices are at risk? - Tylaz

Trust: 3.0

Fetched: Feb. 2, 2024, 10:48 a.m., Published: Jan. 20, 2024, 10 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macbook
vendor: apple model: apple ipad
vendor: apple model: macbook air
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipad