Security News

Google on Tuesday announced the release of Chrome 91 to the stable channel. The latest update patches a total of 32 vulnerabilities.

A series of high-profile cyberattacks on targets in the West have highlighted the vulnerability of companies and institutions, making the issue a higher public priority but with no easy solution. The attack saw its computer systems encrypted, putting its operations offline and causing fuel shortages for American drivers.

Researchers working for a French government agency have identified seven new Bluetooth vulnerabilities that could expose many devices to impersonation and other types of attacks. The flaws, discovered by researchers at France's national cybersecurity agency ANSSI, affect devices that support the Bluetooth Core and Mesh specifications, which define technical and policy requirements for devices operating over Bluetooth connections.

Vulnerabilities identified by security researchers with Cisco's Talos unit in Trend Micro Home Network Security devices could be exploited to elevate privileges or achieve arbitrary authentication. The Home Network Security station provides users with monitoring and protection capabilities, including vulnerability scanning, intrusion prevention, threat protection, and device-based access control.

Multiple companies that develop industrial systems are assessing the impact of two new OPC UA vulnerabilities on their products, and German automation technology firm Beckhoff is the first to release a security advisory. NET based OPC UA client/server SDK. The OPC Foundation released a patch in March.

Google has updated its May 2021 Android security bulletin to alert users that four vulnerabilities appear to have been exploited in attacks. Rolling out to users since early May, the latest Android security update patches over 40 flaws, including four with a severity rating of critical.

American industrial giant Emerson this week informed customers that it has released firmware updates for its Rosemount X-STREAM gas analyzers to address half a dozen vulnerabilities, including ones that have been rated high severity. Emerson's gas analyzers are designed to allow industrial organizations to continuously analyze process gas emissions.

Vulnerability management in OT continues to be one of the biggest challenges in securing industrial control systems. OT systems, which encompass the ICS, are computer-based control systems that automate and provide safety protection for personnel and equipment in the industrial, commercial buildings, avionics and other IoT-intensive industries.

Impacted vendors have released security advisories in response to the recently disclosed Wi-Fi vulnerabilities collectively tracked as FragAttacks. A dozen CVE identifiers have been assigned to the FragAttacks flaws discovered last year by researcher Mathy Vanhoef, including three for design flaws and nine for implementation flaws.

Newly discovered Wi-Fi security vulnerabilities collectively known as FragAttacks are impacting all Wi-Fi devices going back as far as 1997. "The discovered vulnerabilities affect all modern security protocols of Wi-Fi, including the latest WPA3 specification. Even the original security protocol of Wi-Fi, called WEP, is affected."