Security News

Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content
2021-01-12 17:13

In tandem with Tuesday's security update, Adobe starting on Tuesday will also block Flash Player content, weeks after dropping support for Flash. The move means that when users attempt to load a page with Flash Player, the content now will no longer load. "Since Adobe will no longer be supporting Flash Player after December 31, 2020 and Adobe will block Flash content from running in Flash Player beginning January 12, 2021, Adobe strongly recommends all users immediately uninstall Flash Player to help protect their systems," according to Adobe.

Critical factors for early 5G success
2021-01-11 04:00

The 5G ecosystem is reaching a level of technology maturity much more rapidly than earlier generations, enabling operators to develop network deployment and go to market strategies with mass-market appeal and scalable across evolving B2C, B2B and B2B2X business models. Strategy Analytics' report reviews 5G commercial developments to date and provides recommendations to operators on how to build competitive, differentiated 5G value propositions.

Fired Healthcare Exec Stalls Critical PPE Shipment for Months
2021-01-07 19:36

The FBI has announced that Christopher Dobbins pleaded guilty and was sentenced to a year in prison for breaching and temporarily disabling the Stradis Healthcare shipping system using a secret account, after being fired weeks earlier. Last March, as doctors reported having to ration and reuse personal protective equipment to treat COVID-19 patients, Georgia-based Stradis Healthcare, which packages and ships PPE and surgical kits, was eager to step up and help, according to FBI Special Agent Roderick Coffin, who investigated the matter.

Google Warns of Critical Android Remote Code Execution Bug
2021-01-05 20:21

Google has fixed two critical bugs affecting its Android handsets. The more serious flaws exists in the Android System component and allow remote attackers to execute arbitrary code.

Two Critical Flaws — CVSS Score 10 — Affect Dell Wyse Thin Client Devices
2020-12-24 20:51

A team of researchers today unveiled two critical security vulnerabilities in Dell Wyse Thin clients that could have potentially allowed attackers to remotely execute malicious code and access arbitrary files on affected devices. The flaws, which were uncovered by healthcare cybersecurity provider CyberMDX and reported to Dell in June 2020, affects all devices running ThinOS versions 8.6 and below.

Critical Flaws in Kepware Products Can Facilitate Attacks on Industrial Firms
2020-12-23 15:55

Several critical vulnerabilities have been found by researchers in products from PTC-owned industrial automation solutions provider Kepware. The U.S. Cybersecurity and Infrastructure Security Agency last week published two advisories describing vulnerabilities identified in Kepware products.

New Critical Flaws in Treck TCP/IP Stack Affect Millions of IoT Devices
2020-12-22 22:51

The US Cybersecurity Infrastructure and Security Agency has warned of critical vulnerabilities in a low-level TCP/IP software library developed by Treck that, if weaponized, could allow remote attackers to run arbitrary commands and mount denial-of-service attacks. The four flaws affect Treck TCP/IP stack version 6.0.1.67 and earlier and were reported to the company by Intel.

Critical Vulnerabilities Expose Dell Wyse Thin Client Devices to Attacks
2020-12-21 19:04

Dell on Monday informed customers that updates released for some of its Wyse Thin Client products patch a couple of critical vulnerabilities that can be exploited remotely without authentication to compromise devices. Dell Wyse Thin Client is a small form-factor PC series that runs an operating system named ThinOS, which Dell advertises as "The most secure thin client operating system." According to CyberMDX, there are more than 6,000 organizations using these products, including many healthcare providers, in the U.S. alone.

Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers
2020-12-21 17:00

Dell has patched two critical security vulnerabilities in its Dell Wyse Thin Client Devices, which are small form-factor computers optimized for connecting to a remote desktop. The bugs allow arbitrary code execution and the ability to access files and credentials, researchers said.

Critical bugs in Dell Wyse ThinOS allow thin client take over
2020-12-21 12:59

Almost a dozen Dell Wyse thin client models are vulnerable to critical issues that could be exploited by a remote attacker to run malicious code and gain access to arbitrary files. It is estimated that more than 6,000 organizations, most of them from the healthcare sector, have deployed Dell Wyse thin clients on their networks.