Cisco IP Phones Flaw Allows XSS & Injection Attacks


Cisco has published a security advisory disclosing two vulnerabilities: a cross-site scripting (XSS) flaw and an HTML injection flaw.

These vulnerabilities existed in the SPA500 series of the Cisco Small Business IP Phones.

The XSS vulnerability exists because the web-based management interface of the Cisco Small Business SPA500 Series IP Phones does not sufficiently validate user-supplied input. An attacker could exploit it by persuading a user to follow a crafted link, resulting in arbitrary script execution in the context of the interface.

The CVSS score for this vulnerability is given as 6.1 (Medium).

The HTML injection vulnerability exists because the same web-based management interface does not sufficiently sanitize user-supplied input. A threat actor could exploit it with a crafted link, potentially altering the content of the web page and redirecting the user to malicious websites.

Furthermore, this can also be used to conduct other client-side attacks. The CVSS score for this vulnerability is given as 5.8 (Medium).
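As an added illustration of the input-handling failure behind both advisories (example code written for this page, not Cisco's firmware and not taken from the advisory), the following Python snippet models a hypothetical status page that reflects a query parameter into its HTML. The `name` parameter, the page template and the sample link are all constructed for the example. The unsafe renderer places the parameter into the page verbatim, which is what lets a crafted link inject markup or script; the hardened renderer applies HTML entity encoding so the same input is displayed as text.

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# Hypothetical template for a management page that echoes a request parameter.
# Constructed for this example; it is not the phones' real interface.
PAGE = "<html><body><h1>Status for {name}</h1></body></html>"

# Tags the template itself legitimately contains.
TEMPLATE_TAGS = {"html", "body", "h1"}
TAG_RE = re.compile(r"<\s*/?\s*([A-Za-z][A-Za-z0-9]*)")


def name_from_url(url: str) -> str:
    """Pull the 'name' query parameter out of a (possibly crafted) link; empty if absent."""
    params = parse_qs(urlsplit(url).query)
    return params.get("name", [""])[0]


def render_unsafe(name: str) -> str:
    """Interpolates the parameter verbatim: the insufficient-validation pattern behind both advisories."""
    return PAGE.format(name=name)


def render_safe(name: str) -> str:
    """Entity-encodes <, >, &, \" and ' so the parameter is displayed as text and never parsed as markup."""
    return PAGE.format(name=html.escape(name, quote=True))


def injected_tags(rendered: str) -> list[str]:
    """List any tag names in the output that the template did not put there (a simple regression check)."""
    found = set(TAG_RE.findall(rendered))
    return sorted(found - TEMPLATE_TAGS)


if __name__ == "__main__":
    # Constructed sample link carrying harmless markup in the parameter.
    link = "http://phone.example/status?name=%3Cb%3Einjected%3C%2Fb%3E"
    value = name_from_url(link)
    print(injected_tags(render_unsafe(value)))  # ['b']  -> markup reached the page
    print(injected_tags(render_safe(value)))    # []     -> shown as literal text
```

`html.escape` is the right encoder for element content and quoted attribute values; a parameter that lands inside a script block, a URL or a style attribute needs the encoder for that context instead, which is why output encoding has to be chosen per insertion point rather than applied once at input time.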

Cisco confirmed that there are no workarounds that address these vulnerabilities. Cisco also stated that it will not release security patches for them, because the Cisco Small Business SPA500 Series IP Phones reached the end-of-life process on August 13, 2018.

Users of these products are recommended to switch to other alternative Cisco products to avoid these vulnerabilities.




Save $100 on this Powerful Robot Vacuum


Amazon has a great deal going on right now on the Roborock Q Revo robot vacuum (and mop). It’s now just $799. That’s going to save you $100 off of its regular price.

To get this price, you’ll need to clip the $100 off coupon on the page. That will reflect the $799 price when you checkout.

Roborock Q Revo – Amazon

Why you should buy the Roborock Q Revo

The Roborock Q Revo is the perfect robot vacuum and mop for anyone who wants a powerful, reliable, and easy-to-use cleaning solution.

It features a powerful 5500Pa suction that can easily pick up dirt, dust, and debris from any type of floor. The dual spinning mops provide deep and thorough cleaning, and the self-cleaning dock ensures that the mops are always clean and ready to use.

The Q Revo is also incredibly intelligent. It uses a variety of sensors to navigate your home efficiently, avoiding obstacles and keeping track of its cleaning progress. It also has a variety of smart features, such as the ability to create custom cleaning schedules and no-go zones.

And best of all, the Q Revo is incredibly easy to use. Just set it up, press a button, and let it do the rest. The Q Revo will automatically map your home and create a cleaning plan, and it will even return to the dock to recharge when it’s finished.

If you’re looking for a robot vacuum and mop that can do it all, the Roborock Q Revo is the perfect choice for you. It’s powerful, intelligent, and easy to use, making it the perfect solution for anyone who wants a clean and tidy home.

You can pick up the Roborock Q Revo robot vacuum and mop from Amazon today by clicking the link below. It’s unclear how long this sale will last, so you’d better act fast.

Roborock Q Revo – Amazon



Google has a coral sport band on the way for the Pixel Watch


Google’s Pixel Watch looks due to get a coral sport band in the near future, and you can see it ever so briefly in Google’s latest #FixedOnPixel video. Now the video itself is mostly focused on the new Pixel 7 phone, and not the watch.

The aim is to highlight Women’s Soccer star Megan Rapinoe and the Pixel 7. “A legendary athlete deserves a legendary phone” the video’s description says. The ad’s timing is perfect, with the Women’s World Cup having started this week. But for all its intention of advertising the Pixel phones, Google saw fit to sneak in a plug for the upcoming coral Pixel Watch band.

It’s only in frame for a couple of seconds. But that’s more than enough time to get a decent look at it. And as you’d expect, it’s a coral sport band. Nothing more, nothing less. It follows Google’s theme of colors across much of its product line. And it might just be the color you’ve been waiting for personally. If that’s the case, you’ll need to wait just a bit longer to buy one for your own watch.

The coral Pixel Watch band launches this Fall


Google offers a handful of bands for the Pixel Watch, but the coral band is not one of them. Not yet at least. As 9To5Google points out, the band will become available later this Fall. So expect to see it hit the Google Store sometime near the end of September or later. If we had to guess, it’ll likely release around the time Google holds its Fall Pixel event.

Google doesn’t list a cost in the video but current active bands on offer are $49.99. So there’s a chance this new coral band ends up being the same price as those. It does however also look a little bit different from those. The coral band worn by Rapinoe has holes that you see on a lot of other sports bands for different watches. Whereas the ones Google currently sells have no holes. This means it’s an entirely new band and not just another color of the active ones you can already buy. So it could very well have a different cost too.



Last Chance to Reserve your Next Galaxy and Save $50!


Samsung’s Galaxy Unpacked is taking place July 26, live from Seoul, South Korea. At this event, Samsung is likely to announce a number of new devices, as they typically do. And ahead of Unpacked, you can actually reserve your new Galaxy, and save $50!

All you need to do is head to this website here. You’ll be asked for your name and email (phone number is optional). And that’s it. This is a no commitment offer from Samsung. So whether you decide to buy or not to buy later on, that’s all up to you. But if you’re on the fence about getting one of the new devices from Samsung after Unpacked, it’s a good idea to take advantage of this.

You can enter your email and name on Galaxy Reserve up until 6:59AM ET on July 26. So there’s not much time left.

Galaxy Reserve – Samsung.com

What is Samsung announcing at Unpacked?

This is Samsung’s Fall Unpacked event, which is typically where they announce their new foldables, tablets and wearables. So what we’re expecting to see this time around is the Galaxy Z Fold 5, Galaxy Z Flip 5, Galaxy Watch 6 and Watch 6 Classic, as well as the Galaxy Tab S9 series. So there’s a boat load of devices coming out next week.

Now, since Samsung is holding this event in South Korea for the first time, their home, some of us are expecting something else to be announced at the event. Maybe Samsung will finally announce the Galaxy Home that they debuted way back in 2019 at this very same event? Maybe we could see some sort of VR or AR headset? Or maybe something else. We’ll have to wait until July 26 to know for certain.

Since Unpacked is taking place in Seoul this year, that means the event is starting earlier than ever. Unpacked will be starting at 7AM ET or 4AM PT for those on the West Coast. But you can also watch it here.



Sen. Casey introduces new AI bills to protect workers from “robot bosses”


Artificial Intelligence has quickly found its way into a lot of industries in recent months, and this has had the government worried about workers’ rights and protections. Now, in a recent development, Senator Bob Casey, D-Pa, has introduced two new bills aimed at safeguarding workers from workplace surveillance and AI-powered “robot bosses.”

The first bill, titled the “No Robot Bosses Act,” seeks to establish clear guidelines for employing automated systems, such as algorithms and machine learning tools, in employment-related decision-making. Additionally, the proposed legislation will also encourage employers to provide proper training to their workforce on the use of these systems and mandate transparency in their implementation. Moreover, to address concerns about AI going rogue, the bill would require companies to maintain human oversight of all AI decisions.

The second bill, known as the “Exploitative Workplace Surveillance and Technologies Task Force Act,” aims to create a separate government body responsible for examining workplace surveillance practices. Chaired by a representative from the Department of Labor, the body will include individuals from various government domains to assess the impact of workplace surveillance and automated decision systems on employee salaries, scheduling, organizing efforts, and marginalized populations in the workforce.

Reasoning behind the new bills

Senator Bob Casey stated that the primary rationale behind these bills is to limit the impact of AI and prevent the unchecked authority of “robot bosses” from making critical decisions that affect human lives and livelihoods. Additionally, Casey argues that without proper oversight, there is a risk of discriminatory practices, unfair disciplinary actions, and even unsafe working conditions. Although these scenarios may seem far-fetched today, given the rapid pace of AI development, they could become a reality in the near future.

“Systems and software, not humans, are increasingly making decisions on whom to interview for a job, where and when employees should work, and who gets promoted, disciplined, or even fired from their job,” a summary of the bill from Casey’s office explains.

Furthermore, the bill has not only garnered widespread support from fellow Democratic senators, such as Brian Schatz of Hawaii, John Fetterman of Pennsylvania, Bernie Sanders of Vermont, and Cory Booker of New Jersey but also from major labor unions, including AFL-CIO and the Communications Workers of America, as well as organizations like the National Employment Law Project.



You’ve got two weeks to patch Citrix NetScaler vulnerability CVE-2023-3519


A critical unauthenticated remote code execution vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway is being actively exploited.

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical unauthenticated remote code execution (RCE) vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by August 9, 2023 to protect their networks against active threats. We urge everyone else to take it seriously too.

The recommended actions are to apply mitigations per vendor instructions or to discontinue use of the product if mitigations are unavailable. Given the active exploitation, we advise doing this as soon as possible.

The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The actively exploited CVE patched in this update is CVE-2023-3519, a Citrix NetScaler ADC and NetScaler Gateway code injection vulnerability with a CVSS score of 9.8 out of 10. The vulnerability can lead to unauthenticated RCE. It affects appliances configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an authentication, authorization and accounting (AAA) virtual server.

Little information has been made available about the campaign that is exploiting this vulnerability. What we do know is that the criminals use web shells—a script that can be used by an attacker to run remote commands and maintain persistent access on an already compromised system. CISA has released a cybersecurity advisory about the tactics, techniques, and procedures (TTPs) of the currently active campaign.

Reportedly, there are around 38,000 Citrix Gateway appliances exposed to the public Internet and exploits against Citrix ADC have been discussed, including the sale of a Remote Code Execution (RCE) exploit, on a cybercrime forum.

Citrix acknowledges the urgency by stating:

“Exploits of CVE-2023-3519 on unmitigated appliances have been observed. Cloud Software Group strongly urges affected customers of NetScaler ADC and NetScaler Gateway to install the relevant updated versions as soon as possible.”

The security bulletin by Citrix about this vulnerability includes two more vulnerabilities. The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the vulnerabilities:

  • NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
  • NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
  • NetScaler ADC 13.1-FIPS before 13.1-37.159
  • NetScaler ADC 12.1-FIPS before 12.1-55.297
  • NetScaler ADC 12.1-NDcPP before 12.1-55.297

Citrix notes that NetScaler ADC and NetScaler Gateway version 12.1 have reached the end-of-life stage and customers should upgrade to a newer variant of the product.
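To turn the version list above into a check that can be run against an appliance's reported build, here is an added Python example (written for this page; it is not Citrix's tooling and does not come from the article). It encodes the fixed builds exactly as listed, compares an installed build numerically against the matching release train, and reports a 12.1 standard build as unsupported rather than fixed, since the bulletin says that train is end-of-life. The shape of the `show ns version` output line and the sample line are assumptions constructed for the example.

```python
import re
from typing import Optional

# Fixed builds exactly as listed in the Citrix bulletin quoted above,
# keyed by (release train, variant). Anything older on the same train is affected.
FIXED_BUILDS = {
    ("13.1", ""): "13.1-49.13",
    ("13.0", ""): "13.0-91.13",
    ("13.1", "FIPS"): "13.1-37.159",
    ("12.1", "FIPS"): "12.1-55.297",
    ("12.1", "NDcPP"): "12.1-55.297",
}

# NetScaler build strings look like "13.1-49.13": train major.minor, then build.sub.
BUILD_RE = re.compile(r"^(\d+)\.(\d+)-(\d+)\.(\d+)$")

# Assumed shape of a 'show ns version' line; the real output may differ in detail.
SHOW_VERSION_RE = re.compile(r"NS(\d+\.\d+):\s*Build\s+(\d+\.\d+)")


def parse_build(version: str) -> tuple[int, int, int, int]:
    """Turn '13.1-49.13' into (13, 1, 49, 13) so builds compare numerically, not as strings."""
    m = BUILD_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler build string: {version!r}")
    major, minor, build, sub = (int(x) for x in m.groups())
    return (major, minor, build, sub)


def assess(version: str, variant: str = "") -> str:
    """Classify an installed build as 'affected', 'fixed' or 'unsupported' for CVE-2023-3519.

    variant is '' for standard builds, 'FIPS' or 'NDcPP' for the special trains.
    """
    parsed = parse_build(version)
    train = f"{parsed[0]}.{parsed[1]}"
    fixed = FIXED_BUILDS.get((train, variant))
    if fixed is None:
        # No fixed build is listed for this train (e.g. 12.1 standard, which is end-of-life):
        # treat it as needing an upgrade, never as safe.
        return "unsupported"
    return "affected" if parsed < parse_build(fixed) else "fixed"


def build_from_show_version(line: str) -> Optional[str]:
    """Extract '13.1-49.13' from an assumed 'show ns version' line, or None if it does not match."""
    m = SHOW_VERSION_RE.search(line)
    if not m:
        return None
    return f"{m.group(1)}-{m.group(2)}"


if __name__ == "__main__":
    # Constructed sample line in the assumed format; not captured from a real appliance.
    sample = "NetScaler NS13.1: Build 48.47.nc, Date: Jan 1 2023"
    build = build_from_show_version(sample)
    print(build, assess(build))  # 13.1-48.47 affected
```

Builds are compared as integer tuples rather than strings so that, for instance, 13.1-49.13 correctly sorts after 13.1-48.47; a string comparison would get 13.0-91.13 versus 13.0-100.x wrong. Unknown trains deliberately fall through to "unsupported" so that an end-of-life appliance is never reported as patched.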

Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication do not need to take any action.

Malwarebytes blocks the IP addresses that are known indicators of compromise (IoCs) for the active campaign exploiting this vulnerability:

  • 216.41.162.172
  • 216.51.171.17

For administrators who would like to see whether their instance has been compromised and what they should do about it, I found this checklist.





Samsung nears public release of the One UI 5.1.1 update


Samsung is getting closer to the One UI 5.1.1 stable update. The company recently updated its Good Guardians app to add support for the new, unreleased One UI version. It is already running One UI 5.1.1 public beta programs for the Galaxy Z Fold 4 and Galaxy Tab S8 series.

Good Guardians, which was formerly known as Galaxy Labs, is a first-party Samsung app that gives Galaxy users access to various system management tools. It offers a battery tracker where you get detailed battery stats, tips to extend the battery life, an app performance booster, a temperature monitor, a memory utility, a media file manager, and more.

Samsung recently updated the app to version 4.5.06, but seemingly with no notable changes. The update is rolling out through the Galaxy Store, with the changelog containing just one line: support for One UI 5.1.1 (via SamMobile). This makes Good Guardians usable for Galaxy users testing the new One UI version. But more importantly, it’s an indication of a nearing public release of the update.

Good Guardians isn’t the first Samsung app that has received One UI 5.1.1 support. The company previously updated the Nice Catch app, which is a Good Lock module, as well. A few others may have gone under the radar, or without the changelog mentioning One UI 5.1.1. All in all, the Korean behemoth looks buckled up to roll out the new One UI version to compatible Galaxy devices soon.

Speaking of compatible devices, One UI 5.1.1 should be available to all recent foldables and flagship Galaxy tablets. Since the Galaxy Z Fold 4 and Galaxy Tab S8 series already have beta programs, they should be first in the pipeline. Samsung may also push it to recent Galaxy S series phones. A few features may trickle down to select Galaxy A models as well. We will let you know when we have more information.

Upcoming Samsung foldables and tablets should ship with One UI 5.1.1

Samsung is preparing to host a major launch event next week. The Galaxy Unpacked in Seoul, South Korea, on July 26 will bring several new products. The company has readied the Galaxy Z Fold 5 and Galaxy Z Flip 5 foldables, Galaxy Tab S9 series tablets, and Galaxy Watch 6 series smartwatches. If history is any indication, the new foldables and tablets should run One UI 5.1.1 out of the box. The new watches should ship with One UI 5 Watch based on Wear OS 4. Stay tuned for the big event next Wednesday.



US Army is set to test the new Microsoft HoloLens 1.2 goggles next month


Microsoft’s first attempt at creating the HoloLens-based IVAS (Integrated Visual Augmentation System) goggles for the Army was disappointing, as many soldiers experienced nausea and other issues. Now, in a recent development, Microsoft is expected to deliver the new HoloLens IVAS 1.2 devices to the Army by the end of this month.

While the specific changes remain unclear, the headset will reportedly offer a slimmer, lighter, and more balanced design while also addressing the previous concerns with nausea. Scheduled for late August, the testing will involve two squads using 20 prototype IVAS goggles and evaluating their functionality under low-light conditions, overall reliability, and potential side effects such as nausea, headaches, and eye strain.

Why is IVAS important?

According to Master Sgt. Marc Krugh, the Microsoft HoloLens IVAS goggles are a significant development for the Army, as they enable soldiers to rehearse and train in more realistic scenarios using augmented reality, better preparing them for actual combat situations. Moreover, in battle scenarios, the goggles’ advanced night vision capabilities offer a discreet way for troops to coordinate attacks and remain vigilant for signs of injury.

Although HoloLens could become a significant asset for the military, previous versions of the goggles encountered issues that led Congress to halt further orders in January. As a result, Microsoft received $40 million to rework the hardware and address the identified problems.

Therefore, if the tests are successful, the Army might consider awarding a contract for a second field study between July and September 2024, potentially leading to an operational combat test as early as April 2025. Once the testing phase is complete, the Army plans to deploy more than 121,000 IVAS units over the next ten years.

However, failing to meet the Army’s expectations once again could result in the cancellation of the program, which would be a significant loss for Microsoft and raise doubts about the reliability of HoloLens technology.



Estée Lauder targeted by Cl0p and BlackCat ransomware groups


We take a look at reports of cosmetics firm Estée Lauder being attacked by the Cl0p and BlackCat ransomware groups.

Estée Lauder is currently at the heart of a compromise storm, revealing a major security issue via a Securities and Exchange Commission (SEC) filing on Tuesday.

Although no detailed explanation of what has taken place is given, there is confirmation that an attack allowed access to some systems and involved potential data exfiltration. Meanwhile, two ransomware groups are taking credit for compromises unrelated to one another. Is one of the compromises the attack mentioned in the filing? It’s worth mentioning here that Estée Lauder does not name either ransomware group. With this in mind, the relevant section from the filing reads as follows:

The Estée Lauder Companies Inc. (NYSE: EL) has identified a cybersecurity incident, which involves an unauthorized third party that has gained access to some of the Company’s systems. After becoming aware of the incident, the Company proactively took down some of its systems and promptly began an investigation with the assistance of leading third-party cybersecurity experts. The Company is also coordinating with law enforcement. Based on the current status of the investigation, the Company believes the unauthorized party obtained some data from its systems, and the Company is working to understand the nature and scope of that data.

The Company is implementing measures to secure its business operations and will continue taking additional steps as appropriate. During this ongoing incident, the Company is focused on remediation, including efforts to restore impacted systems and services. The incident has caused, and is expected to continue to cause, disruption to parts of the Company’s business operations.

Bleeping Computer notes that the ALPHV/BlackCat and Cl0p groups are each claiming responsibility for one of the two unrelated ransomware compromises. Worse, both ransomware groups have what they claim to be Estée Lauder data up for grabs on their leak portals.

If you’re unfamiliar with such sites, they’re places where ransomware groups store stolen data. The compromised organisation is then threatened with the data being made public, traded, or sold off to the highest bidder unless a ransom is paid. This is a common tactic in so-called “double extortion” ransomware, where the encrypting of devices is merely the first step to extracting money.

The Cl0p group claims to have somewhere in the region of 131GB of data to hand. Meanwhile BlackCat is complaining of the lack of communication from Estée Lauder, sending multiple emails but receiving no replies. It also claims to still have network access despite various attempts to secure the network.

Supposedly, the information taken could “impact customers, employees, and suppliers”. There are no further details on the contents at this time. Regular readers will know that these attacks typically target confidential information, company secrets, personal data, payroll, and identity scans. The attackers could be bluffing, or it really could be as bad as they claim. We’ll have to wait and see.

The Cl0p compromise is said to have made use of a MOVEit Transfer vulnerability to gain access to the target systems. Both Cl0p and BlackCat tend to feature heavily in our ransomware review posts. In our June post, Cl0p was the most active group around with BlackCat falling suspiciously quiet. Perhaps it was focusing on heavy-hitter attacks such as this the whole time.

How to avoid ransomware

  • Block common forms of entry. Create a plan for patching vulnerabilities in internet-facing systems quickly; disable or harden remote access like RDP and VPNs; use endpoint security software that can detect exploits and malware used to deliver ransomware.
  • Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
  • Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
  • Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
  • Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.




Galaxy Tab Active 4 Pro bags Samsung’s July update globally


The Galaxy Tab Active 4 Pro is the latest Samsung device to receive the July 2023 Android security patch. The rugged tablet is picking up this month’s security update widely around the world. The Korean firm has already pushed the new SMR (Security Maintenance Release) to dozens of other Galaxy devices.

First reported by SamMobile, the July SMR is available for both Wi-Fi and cellular (5G) variants of the Galaxy Tab Active 4 Pro. The Wi-Fi model (SM-T630) is receiving the update in Europe and the USA with the firmware build number T630XXS3BWG2, the publication confirms. The device doesn’t seem to be getting additional goodies. Samsung is only pushing the latest security fixes to the tablet.

For users with a 5G-enabled Galaxy Tab Active 4 Pro, the July update comes with varying build numbers depending on the market. The South Korean version of the tablet (SM-T636N) sees its firmware version bumped to T636NKOS3BWG1 with this release. In Europe (SM-T636B), it’s T636BXXS3BWG2. Finally, users in Latin America (SM-T636B) are getting the July SMR with the firmware build number T636BXXS2BWF2.

Like the Wi-Fi variant, the Galaxy Tab Active 4 Pro 5G also doesn’t get anything apart from the latest security fixes with this update. Samsung has already confirmed that the July SMR for Galaxy devices contains 90 patches. This is a combined total of Android OS patches coming from Google and Galaxy patches coming directly from the Korean firm. At least three security flaws patched this month were critical issues.

If you’re using the Galaxy Tab Active 4 Pro and have yet to receive the July update from Samsung, your wait should end soon. Be on the lookout for a notification in the coming days. It will prompt you to download the OTA (over the air) update. You can also manually check for updates from the Settings app on your rugged Samsung tablet. Navigate to Settings > Software update and tap on Download and install.

The Galaxy Tab Active 4 Pro will get Android 14

Samsung launched the Galaxy Tab Active 4 Pro in August 2022. The device came running Android 12 out of the box. It has since picked up Android 13 as well. And the tablet is also eligible for Android 14. The Korean firm is expected to launch Android 14 beta programs later this month, with the stable update likely arriving in October. The Galaxy Tab Active 4 Pro may get the big update in late 2023 or in 2024. Stay tuned for more information about Samsung’s Android 14 plans.

