All about Security, News, Events and Incidents

SECURITY
Secret backdoor discovered in Zyxel firewall and AP controllers bleepingcomputer.com |
JANUARY 02, 2021

Over 100,000 Zyxel devices are potentially vulnerable to a secret backdoor caused by hardcoded credentials used to update firewall and AP controllers' firmware....

 

Zyxel backdoor (CVE-2020-29583) is actively exploited
Posted on 2021-01-07 bnorncity.de

​

In late December 2020, I had blogged about an undocumented user in Zyxel products (CVE-2020-29583), see my the blog post Undocumented User in Zyxel Products (CVE-2020-29583). The vendor has provided an update to remove this undocumented user that’s a backdoor. Now I read that cyber criminals are actively scanning the Internet for vulnerable Zyxel products to exploit the backdoor....

 

NVIDIA Patches Several High Risk Security Flaws In Windows And Linux GeForce Drivers, Update Now hothardware.com | Sunday, January 10, 2021

For as long as developers have been writing software code, they've been inadvertently creating bugs. It's when those bugs can compromise the security of a PC that a bug goes from an annoyance to a potential real danger. Security issues with apps can be worked around in the interim, even if it means uninstalling it, but what about when the security vulnerability is in the driver for some critical piece of hardware; say a video adapter? When that happens, developers have to isolate the cause and act quickly to plug the holes, or else risk any PC with that hardware being open to attack. Such was the case for NVIDIA this week.

The GeForce, Quadro, and AI accelerator maker has issued a series of driver updates this week to prevent ten years of graphics hardware from being susceptible to attacks. This is a big deal is because like video drivers from all major vendors, NVIDIA's drivers run in kernel mode with additional unrestricted access in the name of better performance. That's true of the oldest hardware on the market up to and including the latest Ampere GPUs from the GeForce RTX 30 Series....

 

Signal Vs Telegram, WhatsApp, Facebook Messenger: What Data Dose Each App Collect from your phone?