Microsoft researchers have detected a cross-platform botnet designed to infect Windows, Linux, and IoT devices. The botnet dubbed “MCCrash” then launches distributed denial of service (DDoS) attacks against private Minecraft servers.
Cisco has released a security advisory for OpenSSL vulnerabilities affecting Cisco products.
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-213 IoT Device: “Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements.”
Researchers have discovered 14 BusyBox vulnerabilities that impact embedded Linux OS used in many internet of things (IoT) and operational technology (OT) devices.
A vulnerability in ThroughTek’s Kalay Platform software development hit (SDK) has exposed many security cameras used by original equipment manufacturers (OEMs) of consumer-grade security cameras and IoT devices.
Security researchers from Microsoft have discovered a collection of vulnerabilities dubbed “BadAlloc” that affect a broad range of IoT and OT devices in industrial, medical and consumer sectors.
Security researchers have discovered nine vulnerabilities collectively dubbed NAME:WRECK than can break DNS implementations in TCP/IP stacks and lead to denial of service or remote code execution. The experts also provided guidelines to organization on how to fix the issues.
The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.
Microsoft has released the February 2021 Security updates that includes patches for 56 vulnerabilities, 11 of those rated Critical. Moreover, the tech giant warned of a Win32k Privilege Escalation vulnerability CVE-2021-1732 exploited in wild.
Cisco has patched three Critical vulnerabilities in Cisco Integrated Management Controller (IMC), DNA Spaces Connector and IoT Field Network Director (FND) products.
