January 16, 2024 at 11:51AM Two unauthenticated denial-of-service (DoS) vulnerabilities, CVE-2022-22274 and CVE-2023-0656, threaten the security of SonicWall next-generation firewall devices. Attackers can exploit these flaws to crash devices or execute remote code. Vulnerable SonicWall series 6 and 7 firewalls are at risk. Administrators are urged to update to the latest firmware to mitigate potential … Read more
January 12, 2024 at 06:15AM Apple announced a firmware update for the Magic Keyboard to fix a Bluetooth vulnerability disclosed by SkySafe engineer. The vulnerability could allow attackers to inject keystrokes without authentication. The update, version 2.0.6, is being rolled out and reportedly mitigates the attack. Users can check for the update in their system … Read more
November 30, 2023 at 10:17AM Zyxel has patched critical security vulnerabilities in its NAS devices that risked unauthorized command execution and data compromise. Users of NAS326 and NAS542 models must update their firmware to versions V5.21(AAZF.15)C0 and V5.21(ABAG.12)C0 or later, respectively, as there are no alternative mitigations. **Takeaways from Meeting Notes:** 1. **Issue Identification:** Zyxel … Read more
October 30, 2023 at 05:56PM A security researcher has published a proof-of-concept exploit for Wyze Cam v3 devices, allowing attackers to take control of vulnerable cameras. The exploit takes advantage of two flaws in the firmware, enabling remote code execution and the ability to overwrite stack memory. Wyze has released a firmware update to address … Read more