Home / Early Warning / Cybersecurity Highlights / Filter / Cybersecurity Highlights
Subscribe to INCIBE-CERT - Cybersecurity Highlights RSS

Cybersecurity Highlights

This section registers the most relevant incidents or public events related to the cybersecurity and information and communication technologies (ICT), in a way that a chronological history of them is available, together with their main links, references and information sources.
Post related to: Vulnerability

BMW fixes critical vulnerability in 2.2 million cars

The German Automobile Club Association (ADAC) has published a vulnerability affecting BMW vehicles with ConnectedDrive that also have a data SIM. BMW ConnectedDrive allows using a smartphone for...

SS7 flaws allows listening to calls and reading SMS

Several flaws in SS7 protocol, the one used to manage calls through the telephone network, makes it possible for anyone to listen in on cell phone calls, read text messages abusing the legitime...

Misfortune Cookie

Check Point researchers have detected a vulnerability that would affect more than 12 million devices in 189 countries.The vulnerability is due to an incorrect handling of the HTTP cookies in the...

Visa contactless payment 'security flaw'

Researchers at the University of Newcastle, UK, have released a security flaw in Visa contactless payment cards. This failure can be used to authorize transactions without manual authorization and...

Poodle: exploiting SSL 3.0

Published a new attack against the obsolete and unsecured version 3.0 of the SSL cryptographic protocol, called POODLE (Padding Oracle On Downgraded Legacy Encryption). Taking advantage of the...

Vulnerabilidad Heartbleed

Importante vulnerabilidad descubierta en las librerías OpenSSL a través de la función Heartbeat y bautizada como "Heartbleed". La gravedad de la vulnerabilidad está en la posibilidad de obtener...

300.000 routers domésticos comprometidos

Un equipo de investigadores de Team Cymru desveló que mas de 300.000 routers domésticos small office/home office (SOHO), estaban comprometidos encontrándose su configuración DNS manipulada con...

Bug en SSL/TLS de Apple

Se ha detectado un error de implementación en la capa de transporte seguro del sistema de gestión de TLS/SSL en varios productos Apple, lo que supone un fallo de validación en la autenticación de...