Cyware Daily Threat Intelligence

Daily Threat Briefing • Jan 2, 2018
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Daily Threat Briefing • Jan 2, 2018
Top Vulnerabilities Reported in the Last 24 Hours
Unpatched macOS vulnerability
Recently, a security researcher has made public the details of an unpatched vulnerability in macOS that can be exploited. The unpatched flaw can enable an unprivileged user to take complete control of the system if they have physical access to the system to execute arbitrary code and get root permissions.
Sonos and Bose speaker flaws
Some models of Sonos and Bose speakers, including the newer the Sonos One, Sonos Play:1, and Bose SoundTouch systems, can be accessed remotely, and then commandeered with straightforward tricks to play any audio file that a hacker chooses. Beyond merely playing sounds through a victim's device, a hacker could also determine information like what file a vulnerable speaker is currently playing, the name of someone's accounts on services like Spotify and Pandora, and the name of their Wi-Fi network.
CSRF flaw
One of the serious vulnerabilities has been found in phpMyAdmin by security researchers. This flaw allows hackers to exploit a CSRF flaw and drop tables, delete records, and perform other database operations.