Nvidia released updates to its users after security researchers and the Nvidias Product Security Team found 16 vulnerabilities in the Nvidia driver and software packages. One of the vulnerabilities found in the driver package allows for an escalation of privileges and could allow full control of the system. Drivers tend to have administrative privileges and so this creates a … [Read more...]
Zyxel Adds a Built-in User With A Easy To Find Password
Zyxel, a firewall and AP vendor, released a firmware update to their devices that included an unexpected, built-in admin user account called "zyfwp". Folks in information security often characterize this sort of hidden and hardcoded accounts as a “backdoor” account, even though it is hard to say if the vendors who do this do so intentionally or accidentally. First found by … [Read more...]
FBI Indicates Possible Second Hack By APT29
As news of the recent SolarWinds hack still unfolds, new information about APT29 possibly hacking a second major technology supplier could cause major disruptions. "CISA is investigating other initial access vectors in addition to the SolarWinds Orion supply chain compromise. " the CISA report reads. This statement replaces a previous statement indicating there was another … [Read more...]
XRSI May Have Lie About Gaining Root Access The Quest 2
We recently found XRSI, through their now-removed blog site post, claiming to have root access to Oculus Quest 2, a Virtual Reality game platform. New information from a Reddit user question if XRSI gained root access and the truthfulness of their claims. Since we published their claim, we thought it appropriate to also review what the Reddit user found. User “not_xrsi” claimed … [Read more...]
FCC Again Labels ZTE A ‘National Security Threat
Last month, the FCC again rejected the Chinese device manufacturer ZTE’s request for its removal off of the US national security threat designation. Both ZTE and Huawei fall under this category as a possible risk of espionage. While both manufacturers deny the threat, Chinese law does allow their government to spy on users with few safeguards. "Notably, ZTE didn't … [Read more...]
