Security Alerts & News
by Tymoteusz A. Góral

History
#1430 Critical flaws found in network management systems
Eleven critical vulnerabilities have been patched in network management systems (NMS) from four leading manufacturers: Cloudview, Netikus, Paessler and Opmantek. The flaws enable remote cross-site scripting and command-injection attacks.

Public disclosure of the vulnerabilities coincided with a technical description by Rapid7 released Wednesday; the research compliments earlier work on similar bugs found in 2015.

Each of the 11 vulnerabilities varied widely, however they shared the common technique allowing for the injection of malicious packets via Simple Network Management Protocol (SNMP) to gain control of NMS web console browser windows, said Tod Beardsley, principal security research manager at Rapid7 in a blog post.
Read more
#1436 Two-thirds of companies pay ransomware demands: But not everyone gets their data back
#1435 Google shuts down potentially massive Android bug
#1434 The missing piece – sophisticated OSX backdoor discovered
#1433 This nasty Android malware tries to bully its way past Marshmallow security features
#1432 Million more devices sharing known private keys for HTTPS, SSH admin
#1431 Modified USB ethernet adapter can steal Windows and Mac credentials
#1430 Critical flaws found in network management systems
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12