Tag Archives: vulnerability

Patient vitals vulnerable to hacking

      Comments Off on Patient vitals vulnerable to hacking

A McAfee security researcher has recently revealed that hackers are able to falsify patients’ vitals by taking advantage of weak communications protocol between the patient monitoring equipment itself, and the central monitoring system. At DEF CON 26 security conference, researcher Douglas McKee explained that he managed to reverse engineer the… Read more »


WordPress fix long overdue

      Comments Off on WordPress fix long overdue

It’s now seven months since researchers notified WordPress that its CMS contained a vulnerability that allows a user with limited privileges to deploy the ‘thumbnail delete’ function to take control of a website. So far, WordPress has failed to issue a fix; despite the fact that a malicious party –… Read more »


IoT tool vulnerable to downgrade attack

      Comments Off on IoT tool vulnerable to downgrade attack

Z-Wave protocol is a radio frequency-based communications technology created to facilitate the management of Internet of Things appliances. Unfortunately, despite its sophisticated encryption system, Z-Wave is vulnerable to a downgrade attack – a protocol that forces computers to abandon their high-quality mode of operation in favour of a less effective… Read more »


Twitter takes precautionary measures

      Comments Off on Twitter takes precautionary measures

With internet privacy currently a hot topic, Twitter has advised all of its 330 million users to change their passwords. This advice comes as the result of the social media giant discovering a bug in its system. Because of the glitch, some Twitter passwords were stored before they could be… Read more »


Apple file system hit by new glitch

      Comments Off on Apple file system hit by new glitch

For the third time since its introduction a year ago, Apple’s high-end file system (APFS) has fallen victim to a bug. The latest vulnerability affects macOS High Sierra, leaving the encryption passwords of users with external storage devices exposed in plaintext – and therefore wide open to attack. Not all… Read more »


US elections undermined by obsolete equipment

      Comments Off on US elections undermined by obsolete equipment

The rickety US electoral system is once again under the spotlight. It now appears that some voting machines are so ancient that it is almost impossible to tell whether or not they have been hacked. More than three quarters of US states have voting machines that are over ten years… Read more »


TeamViewer affected by permissions bug

      Comments Off on TeamViewer affected by permissions bug

The recent announcement of a permissions bug in popular application TeamViewer, which allows users to ‘switch sides’ by seizing unauthorised control of each other’s mouse without permission, has caused some consternation. Engineers have responded swiftly by releasing a hotfix for the bug, which affects Windows, macOS and Linux. While it… Read more »


Google releases several critical fixes

      Comments Off on Google releases several critical fixes

Amongst the fifty fixes recently issued by Google for its Pixel and Nexus devices, one rated ‘critical’ rectifies an encryption bug in Qualcomm closed-source components. Of the five other patches rated ‘high’, four deal with glitches that potentially allowed denial of service attacks and the fifth resolves an elevation of… Read more »


Hacking made easy

      Comments Off on Hacking made easy

Well that’s awkward. Apple, which prides itself on its in-built gold standard security, last week announced that it was releasing a patch for a rather crucial vulnerability. It seems that for a while, all you needed to do to gain access to any Apple machine running the new High Sierra… Read more »


Intel finally releases critical security patches

      Comments Off on Intel finally releases critical security patches

As the world’s number two supplier of microchips and processors, Intel products feature in millions of PCs and servers all over the globe. It is therefore no laughing matter to discover that malicious actors can use long-standing vulnerabilities in Intel’s Trusted Execution Engines, Management Engines and Server Platform Services firmware… Read more »