Hackers have broken into the Syniverse network, which provides SMS routing services to most of…
Garrett is a renowned US manufacturer of hand held and arched metal detectors commonly used in locations such as airports, banks, museums, courts, schools, prisons, and more. However, experts have found that Garrett devices have security problems: many vulnerabilities allow attackers to execute commands or read / change information in the Garret iC Module version 5.0, which is a component that provides network connectivity to the Garrett PD 6500i and Garrett MZ 6100 metal detectors.
In their blog, Cisco Talos analysts detail the following issues:
In the case of the most dangerous vulnerabilities, CVE-2021-21901 and CVE-2021-21903, the iC module provides a discovery service on UDP port 6977. That is, exploitation of problems is possible through sending specially formatted UDP packets that will force the device to share confidential information in response. Using the data obtained in this way, an attacker can create a UDP packet with a sufficiently long CRC field, which will lead to a buffer overflow and allow remote execution of arbitrary code.
Let me remind you that we talked about what Microsoft said that since May 2021, the Nobelium group hacked at least 14 IT companies, and also that Hackers hacked a company that is engaged in routing SMS operators in the United States.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…