Security News > 2022 > August

As many as 29 different router models from DrayTek have been identified as affected by a new critical, unauthenticated, remote code execution vulnerability that, if successfully exploited, could lead to full compromise of the device and unauthorized access to the broader network. Over 200,000 devices from the Taiwanese manufacturer are said to have the vulnerable service currently exposed on the internet and would require no user interaction to be exploited.

Looking ahead to next week, we have a server end-of-life and still more updates that can impact printers. There have been several updates to KB5005408 throughout the year to help administrators identify and manage these non-compliant printers.

In this Help Net Security video, John deCraen, Associate Managing Director at Kroll, talks about risk astute leadership and the leveraging of threat intelligence to inform actionable controls. The...

In this Help Net Security video, Ofri Ouzan, Security Researcher at Rezilion, talks about MI-X, an open source tool aimed at effectively determining whether a local host or a running container image is truly vulnerable to a specific vulnerability by accounting for all factors which affect actual exploitability. The tool prints the logical steps it takes in order to reach a decision and can generate a flow chart depicting the complete logical flow.

Kubernetes is delivering business value and is set to win an increasing share of production workloads, with almost all respondents to a Dimensional Research study saying they plan to scale and diversify their Kubernetes infrastructures in some way in the coming year. With growth comes increased complexity, and already those respondents that have the most extensive use of Kubernetes - with more clusters and more distributions, across more environments such as edge and with more software elements in their 'stack' such as monitoring, security, ingress or service mesh - are experiencing more significant challenges.

Last October, California resident Jacob Pearlman downloaded an Android version of a cryptocurrency wallet app called Phantom from the Google Play app store. The free Phantom Wallet app that Pearlman downloaded early from Google Play was a fake.

Researchers at Trellix have discovered a critical unauthenticated remote code execution vulnerability impacting 29 models of the DrayTek Vigor series of business routers. The vulnerability is tracked as CVE-2022-32548 and carries a maximum CVSS v3 severity score of 10.0, categorizing it as critical.

The Forum of Incident Response and Security Teams has published TLP 2.0, a new version of its Traffic Light Protocol standard, five years after the release of the initial version. The TLP standard is used in the computer security incident response team community to facilitate the greater sharing of sensitive information.

Hackers attempted to extort the online survey platform QuestionPro after claiming to have stolen the company's database containing respondents' personal information. QuestionPro said that customers will be alerted to a data theft incident if it is determined that a data breach occurred.

The Department of Homeland Security warned that attackers could exploit critical security vulnerabilities in unpatched Emergency Alert System encoder/decoder devices to send fake emergency alerts via TV and radio networks. The warning was issued by DHS' Federal Emergency Management Agency as an advisory delivered through the Integrated Public Alert and Warning System.