#wifi

The Canon PIXMA TR4550 stores sensitive data, such as the SSID and the Wi-Fi pre-shared key (PSK), unencrypted in its persistent storage (EEPROM). Resetting the product to factory settings does not securely delete this sensitive information. Versions 1.020 and 1.080 are affected.

Microsoft is warning of the threat malicious cyber actors pose to stadium operations, warning that the cyber risk surface of live sporting events is "rapidly expanding." "Information on athletic performance, competitive advantage, and personal information is a lucrative target," the company said in a Cyber Signals report shared with The Hacker News. "Sports teams, major league and global

Shelly 4PM Pro four-channel smart switch 0.11.0 allows an attacker to trigger a BLE out of bounds read fault condition that results in a device reload.

Given the privileged position these devices occupy on the networks they serve, they are prime targets for attackers, so their security posture is of paramount importance.

In certain EZVIZ products, two stack based buffer overflows in mulicast_parse_sadp_packet and mulicast_get_pack_type functions of the SADP multicast protocol can allow an unauthenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214.

By Deeba Ahmed Industrial organizations in Eastern Europe are the prime targets of this data-harvesting campaign. This is a post from HackRead.com Read the original post: Chinese APT Group Hits Air-Gapped Systems in Europe with Malware

Categories: Business Tags: VPN Tags: meta Tags: Facebook Tags: data Tags: disclosure Tags: australia Tags: australian Tags: traffic We take a look at reports that Meta subsidiaries have been ordered to pay a sizeable fine relating to disclosure issues for a now discontinued VPN. (Read more...) The post Meta subsidiaries must pay $14m over misleading data collection disclosure appeared first on Malwarebytes Labs.

Wifi Soft Unibox Administration 3.0 and 3.1 is vulnerable to SQL Injection. The vulnerability occurs because of not validating or sanitizing the user input in the username field of the login page.

Plus: Russia tightens social media censorship, new cyberattack reporting rules for US companies, and Google Street View returns to Germany.

Ubuntu Security Notice 6256-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.