Home / Early Warning / Cybersecurity Highlights / Filter / Cybersecurity Highlights
Subscribe to CERTSI - Cybersecurity Highlights RSS

Cybersecurity Highlights

This section registers the most relevant incidents or public events related to the cybersecurity and information and communication technologies (ICT), in a way that a chronological history of them is available, together with their main links, references and information sources.
Post related to: Vulnerability

BMW fixes critical vulnerability in 2.2 million cars

01/30/2015
The German Automobile Club Association (ADAC) has published a vulnerability affecting BMW vehicles with ConnectedDrive that also have a data SIM. BMW ConnectedDrive allows using a smartphone for...

SS7 flaws allows listening to calls and reading SMS

12/18/2014
Several flaws in SS7 protocol, the one used to manage calls through the telephone network, makes it possible for anyone to listen in on cell phone calls, read text messages abusing the legitime...

Misfortune Cookie

12/18/2014
Check Point researchers have detected a vulnerability that would affect more than 12 million devices in 189 countries.The vulnerability is due to an incorrect handling of the HTTP cookies in the...

Visa contactless payment 'security flaw'

11/01/2014
Researchers at the University of Newcastle, UK, have released a security flaw in Visa contactless payment cards. This failure can be used to authorize transactions without manual authorization and...

Poodle: exploiting SSL 3.0

10/14/2014
Published a new attack against the obsolete and unsecured version 3.0 of the SSL cryptographic protocol, called POODLE (Padding Oracle On Downgraded Legacy Encryption). Taking advantage of the...

Vulnerabilidad Heartbleed

04/07/2014
Importante vulnerabilidad descubierta en las librerías OpenSSL a través de la función Heartbeat y bautizada como "Heartbleed". La gravedad de la vulnerabilidad está en la posibilidad de obtener...

300.000 routers domésticos comprometidos

03/03/2014
Un equipo de investigadores de Team Cymru desveló que mas de 300.000 routers domésticos small office/home office (SOHO), estaban comprometidos encontrándose su configuración DNS manipulada con...

Bug en SSL/TLS de Apple

02/22/2014
Se ha detectado un error de implementación en la capa de transporte seguro del sistema de gestión de TLS/SSL en varios productos Apple, lo que supone un fallo de validación en la autenticación de...

Pages