#thisweekinsecurity
#ThisWeekInSecurity: #Ghoscript in #Imagemagick, #Solarwinds, and #DHCP #Shenanigans
A PoC was just published for a potentially serious flaw in the Ghostscript interpreter. Ghostscript can load Postscript, PDF, and SVG, and it has a feature from Postscript that has been a continual…
https://hackaday.com/2021/09/10/this-week-in-security-ghoscript-in-imagemagick-solarwinds-and-dhcp-shenanigans/ #ThisWeekInSecurity
One person like that
1 Shares
One person like that
1 Comments
#ThisWeekInSecurity: #Insecure #Chargers, #Request #Forgeries, and #Kernel #Security
The folks at Pen Test Partners decided to take a look at electric vehicle chargers. Many of these chargers are WiFi-connected, and let you check your vehicle’s charge state via the cloud. How…
https://hackaday.com/2021/08/06/this-week-in-security-insecure-chargers-request-forgeries-and-kernel-security/ #ThisWeekInSecurity
1 Shares
#ThisWeekInSecurity: #Fail2RCE, #TPM #Sniffing, #Fishy #Leaks, and #Decompiling
Fail2ban is a great tool for dynamically blocking IP addresses that show bad behavior, like making repeated login attempts. It was just announced that a vulnerability could allow an attacker to tak…
https://hackaday.com/2021/07/30/this-week-in-security-fail2rce-tpm-sniffing-fishy-leaks-and-decompiling/ #ThisWeekInSecurity
1 Shares