Information about vulnerabilities that may affect your computing

SSD Encryption from Crucial and Samsung Is Not Secure, Exposes Data

The researchers examined multiple SSDs, including Crucial and Samsung, some of which they found could be unlocked with any password if the password validation routine in RAM was modified through a standard JTAG debugging interface.

Cisco WebEx Meetings Server XML External Entity (CVE-2018-18895)

Cisco Webex Meetings Server includes a version of Castor XML that is affected by XXE. As a result, Cisco WebEx Meetings Server versions prior to 2.8MR3 and 3.0MR2 patch 1 are affected by the XXE vulnerability.

U-Boot verified boot bypass vulnerabilities (CVE-2018-18439, CVE-2018-18440)

Multiple techniques have been identified that allow execution of arbitrary code within a running U-Boot instance by means of externally provided unauthenticated data.

New PortSmash Side-Channel Vulnerability (CVE-2018-5407)

A new vulnerability called PortSmash (CVE-2018-5407) has been discovered, impacting all CPUs that use a Simultaneous Multithreading (SMT) architecture. SMT is a technology that allows multiple computing threads to be executed simultaneously on a CPU core.

Armis Discovers “BLEEDINGBIT,” Two Critical Chip-Level Vulnerabilities

Armis, the enterprise IoT security company, today announced the discovery of two critical vulnerabilities related to the use of Bluetooth Low Energy (BLE) chips made by Texas Instruments (TI), and used in Cisco, Meraki and Aruba wireless access points, called "BLEEDINGBIT."

Wireshark Security Advisory

Debian…

p-smash DoS (ICMP 9 flood)

p-smash DoS (ICMP 9 flood) Vulnerability Severity p-smash…

WordPress 4.5.2 Security Release

WordPress 4.5.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress Redirect Hack via Test0.com/Default7.com

We’ve been working on a few WordPress sites with the same infection that randomly redirects visitors to malicious sites via the default7 .com / test0 .com / test246 .com domains.

Cracked Uber accounts tumble to 40 cents on the dark web

A posting from Naked Security titled "Cracked Uber accounts…