Home / Early Warning / Cybersecurity Highlights / Filter / Cybersecurity Highlights
Subscribe to INCIBE-CERT - Cybersecurity Highlights RSS

Cybersecurity Highlights

This section registers the most relevant incidents or public events related to the cybersecurity and information and communication technologies (ICT), in a way that a chronological history of them is available, together with their main links, references and information sources.
Post related to: Vulnerability

0day in Seagate NAS devices

03/01/2015
Beyond Binary has published a 0day report that affects NAS devices from Seagate. The vulnerability allows unauthenticated attackers to perform remote code execution, provided that they are located...

BMW fixes critical vulnerability in 2.2 million cars

01/30/2015
The German Automobile Club Association (ADAC) has published a vulnerability affecting BMW vehicles with ConnectedDrive that also have a data SIM. BMW ConnectedDrive allows using a smartphone for...

SS7 flaws allows listening to calls and reading SMS

12/18/2014
Several flaws in SS7 protocol, the one used to manage calls through the telephone network, makes it possible for anyone to listen in on cell phone calls, read text messages abusing the legitime...

Misfortune Cookie

12/18/2014
Check Point researchers have detected a vulnerability that would affect more than 12 million devices in 189 countries.The vulnerability is due to an incorrect handling of the HTTP cookies in the...

Visa contactless payment 'security flaw'

11/01/2014
Researchers at the University of Newcastle, UK, have released a security flaw in Visa contactless payment cards. This failure can be used to authorize transactions without manual authorization and...

Poodle: exploiting SSL 3.0

10/14/2014
Published a new attack against the obsolete and unsecured version 3.0 of the SSL cryptographic protocol, called POODLE (Padding Oracle On Downgraded Legacy Encryption). Taking advantage of the...

Vulnerabilidad Heartbleed

04/07/2014
Importante vulnerabilidad descubierta en las librerías OpenSSL a través de la función Heartbeat y bautizada como "Heartbleed". La gravedad de la vulnerabilidad está en la posibilidad de obtener...

Pages