Vulnerability Disclosed in Ubquiti Networks Admin Interface | Threatpost

Vulnerability Disclosed in Ubquiti Networks Admin Interface | Threatpost

The command injection flaw exposes the Ubiquiti admin interface to a number of risky attacks, SEC Consult said. For example, an attacker could connect to a vulnerable device by opening a port binding or reverse shell, and also change the password because the service runs as root. “The vulnerability can be exploited by luring an attacked user to click on a crafted link or just surf on a malicious website,” SEC Consult said in its advisory. “The whole attack can be performed via a single GET-request and is very simple since there is no CSRF protection.”



Apple just did a very un-Apple thing: It admitted it needs to re-think its high-end Macs | Recode

Apple just did a very un-Apple thing: It admitted it needs to re-think its high-end Macs | Recode

Hackers Threaten to Remotely Wipe 300 Million iPhones Unless Apple Pays Ransom | The Hacker News

Hackers Threaten to Remotely Wipe 300 Million iPhones Unless Apple Pays Ransom | The Hacker News