Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall

Germany-based cybersecurity company Genua has fast-tracked a fix for a critical flaw in one of its firewall products. If exploited, the vulnerability could allow local attackers to bypass authentication measures and log in to internal company networks with the highest Read More …

SonicWall releases additional update for SMA 100 vulnerability

SonicWall has released a second firmware update for an SMA-100 zero-day vulnerability known to be used in attacks and is warning to install it immediately. Last month, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in Read More …

Gauging LoRaWAN Communication Security with LoraPWN

LoRaWAN technology allows organizations to deploy the internet of things solutions at a much lower cost than existing cellular infrastructure solutions. Because of this, enterprises and smart cities around the world have started using LoRaWAN in their operations. As mentioned Read More …

Industrial Remote Access: Why It’s Not Something to Fear

Increased uptime? Check. Better access to outside expertise? Check. Improved first-time-fix rate? Check. These are just some of the benefits of industrial remote access. Yet many customers are reluctant to embrace remote access. Not only that, but incidents such as Read More …

Shining a Light on SolarCity: Practical Exploitation of the X2e IoT Device

In 2019, Mandiant’s Red Team discovered a series of vulnerabilities present within Digi International’s ConnectPort X2e device, which allows for remote code execution as a privileged user. Specifically, Mandiant’s research focused on SolarCity’s (now owned by Tesla) rebranded ConnectPort X2e Read More …

Cybersecurity Risks of Connected Cars

As the use of connected cars becomes more common, the technologies that power or support these vehicles continue to evolve. This provides a host of benefits, but just like any other technology, this new territory comes with some risks. In Read More …

Fortinet fixes critical vulnerabilities in SSL VPN and web firewall

Fortinet has fixed multiple severe vulnerabilities impacting its products. The vulnerabilities range from Remote Code Execution (RCE) to SQL Injection, to Denial of Service (DoS) and impact the FortiProxy SSL VPN and FortiWeb Web Application Firewall (WAF) products. Multiple advisories Read More …

Signal ignores proxy censorship vulnerability, bans researchers

Signal, an end-to-end encrypted messaging platform was recently blocked by the Iranian government. To help its users bypass censorship in Iran, the company suggested a TLS proxy workaround. However, multiple researchers have now discovered flaws in the workaround that can Read More …