'The Pointer' Media! The Intersection Of E-Learning & Tangible Work Experience - Critical Vulnerability in Hikvision Storage Solutions Exposes Video Security Data by Eduard Kovacs

Home
Contact
CertificationPoint Home
Work Experience Builders
NFTs via CertificationPoint
Certification Exams
Events Calendar
CP Forums
How-To Tutorials
Core Services
CPNTcoin Crypto
Join CertificationPoint

Random Entry

The Problem Facing Students Entering the Professional World
U.S. Scrambles to Investigate Military Intel Leak by Phil Muncaster
Students Concerned About Changing College Choice or Delaying Enrollment
As Cybersecurity Costs Rise, How Can K–12 Schools Ratchet Up Protection on a Budget? by Amy Burroughs
Bridging the skills gap: Fuelling careers and the economy in Pakistan by Ritu Bhandari

Archives

View Archives

2024
- April
- March
- February
- January
2023
- December
- November
- October
- September
- August
- July
- June
- May
- April
  - AI-created images lose U.S. copyrights in test for new technology By Blake Brittain
    04/30/23
  - Starting An LLC As A Freelancer: A Worthy Investment by Jacqueline Luberto
    04/30/23
  - Apprenticeships can offer workers on-the-job training. Why aren’t they more popular? by AJ Hess
    04/29/23
  - APU president says the school can help address Alaska’s outmigration woes
    04/25/23
  - Understanding the GitHub Security Incident: Implications and Preventive Measures
    04/24/23
  - FIVE CAREER MILESTONES TO WORK TOWARD
    04/24/23
  - 3 REASONS TO OUTSOURCE STAFFING
    04/23/23
  - WHY DESKTOP SUPPORT IS BECOMING MORE IMPORTANT
    04/22/23
  - Belgium's job scene: Five standout sectors by halian.com
    04/21/23
  - 5 Tech Certifications That Help Make You Stand Out
    04/21/23
  - HOW TO SCREEN AND HIRE FOR CULTURE FIT
    04/21/23
  - FINDING THE FIT: MORE ABOUT BEHAVIORAL AND CASE INTERVIEWING
    04/20/23
  - Dark Mode vs. Light Mode: Which Is Better? By Raluca Budiu
    04/19/23
  - THE NEW FORMULA FOR ACQUIRING AND PRESERVING TALENT
    04/19/23
  - This Portuguese edtech scores €1.5M to revolutionise the future of learning byAbhinaya Prabhu
    04/18/23
  - Why Entrepreneurship Should Be Taught Before College by Levi King
    04/18/23
  - Leaders: How mentoring can help your communication skills BY WEAVING INFLUENCE
    04/18/23
  - In Argentina, coding bootcamps target the poor to fill tech jobs by David Feliba
    04/18/23
  - STRUGGLING TO FIND GOOD TALENT? YOU'RE NOT ALONE.
    04/18/23
  - WHAT IS CMMI? A MODEL FOR OPTIMIZING DEVELOPMENT PROCESSES
    04/17/23
  - The Best Mentors Ask These Questions! by Gwen Moran
    04/17/23
  - 15 Career Milestones To Celebrate (And How To Set New Ones) by Kim Managhan
    04/17/23
  - HOW AI IS ENHANCING THE CUSTOMER SERVICE EXPERIENCE
    04/16/23
  - Starting strong by Andrea Feinberg
    04/16/23
  - 5 KEY TECH TOOLS FOR STARTUPS
    04/15/23
  - What it takes to be successful at mentoring by Lori Fischler and Mike St. Pierre
    04/15/23
  - THE ONE THING THAT CAN SPEED UP YOUR RECRUITMENT PROCESS
    04/14/23
  - Why Do Local Businesses Have To Worry About Content Marketing And How Should They Do It? by Jeff Riddall
    04/14/23
  - Google Links More iOS, Android Zero-Day Exploits to Spyware Vendors By Eduard Kovacs
    04/13/23
  - Veritas Vulnerabilities Exploited in Ransomware Attacks Added to CISA ‘Must Patch’ List ByIonut Arghire
    04/13/23
  - Critical Vulnerability in Hikvision Storage Solutions Exposes Video Security Data by Eduard Kovacs
    04/13/23
  - Cyber-Attacks in the Media Industry Making Headlines by James Coker
    04/13/23
  - Phishing Campaigns Use SVB Collapse to Harvest Crypto by Phil Muncaster
    04/13/23
  - KFC Owner Discloses Data Breach by Phil Muncaster
    04/13/23
  - Ethical Hackers Could Earn up to $20,000 Uncovering ChatGPT by Beth Maundrill
    04/13/23
  - Student Entrepreneurship Fuels Business Growth And Learning by Christopher Marquis
    04/13/23
  - Prolific Spanish Teen Hacking Suspect Arrested by Phil Muncaster
    04/13/23
  - Zelle Phishing by Jeremy Fuchs
    04/13/23
  - Italy's Privacy Watchdog Blocks ChatGPT Amid Privacy Concerns by Alessandro Mascellino
    04/13/23
  - Researchers Uncover 7000 Malicious Open Source Packages by Phil Muncaster
    04/12/23
  - The Best Mentorships Help Both People Grow by David Nour
    04/12/23
  - UA to Honor 8 Faculty for Research, Creativity
    04/11/23
  - BetterHelp Shared Users’ Sensitive Health Data, FTC Says By Associated Press
    04/11/23
  - Over a Million Financial Records Exposed in Data Incident Involving Fintech Company by Jeremiah Fowler
    04/11/23
  - U.S. Scrambles to Investigate Military Intel Leak by Phil Muncaster
    04/11/23
  - Vermont’s career and tech education system needs repair, report says by Peter D'Auria
    04/10/23
  - Windows Zero-Day Exploited in Nokoyawa Ransomware Attacks ByEduard Kovacs
    04/10/23
  - Superyacht-Maker Hit by Easter Ransomware Attack by Phil Muncaster
    04/10/23
  - Two-Fifths of IT Pros Told to Keep Breaches Quiet by Phil Muncaster
    04/09/23
  - HOW TO GET THE MOST OUT OF A NETWORKING EVENT
    04/09/23
  - Questions to ask your career counselor by Indeed Editorial Team
    04/08/23
  - HOW TO PROTECT YOUR SMALL BUSINESS FROM HACKERS
    04/07/23
  - Powerful Plugins: The Best Free WordPress Plugins for Freelance Designers
    04/07/23
  - College Students and Freelancing: Making Side Gig Money While in College By Ben Walker
    04/07/23
  - Apple Patches Two Zero-Days Exploited in the Wild by Alessandro Mascellino
    04/07/23
  - Ransomware “Paralyzes” Spanish Employment Agency by Phil Muncaster
    04/06/23
  - SEVEN WAYS TO BE HEARD IN MEETINGS AS AN INTROVERT
    04/06/23
  - Reasons Why Freelancing During College is Awesome! by Rachel Elle
    04/04/23
  - Malicious Android Apps Sold For Up to $20,000 on Darknet by Alessandro Mascellino
    04/04/23
  - DISASTER RECOVERY VS. BACKUP: WHAT YOU NEED TO KNOW
    04/02/23
- March
- February
- January
2022
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
2021
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
2020
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
2019
- December
- November
- September
- August
- July
- June
- May
- March
- February
- January
2018
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
2017
- December
- November
- September
- August
- July
- June
- May
- April
- February
2016
- November
- September
- August
- July
- June
- March
2015
- November
- September
- August
- March
- January
2014
- December
- October
- August
- June
- May
- March
2013
- April
- February
- January
2012
- December
- May
- February
2011
- February
2010
- February
2007
- August
2006
- November
2005
- April
2003
- September

Counter Totals

Total: 19,369,717
Today: 210
Yesterday: 237

Most Recent Entries

What are the best ways to train students for freelance work?
How to Begin Your Freelance Writing Career And Have Success?
How To Start Freelancing As A Hard-Working College (High School) Student Without Experience
The Importance of Freelancing for Students: How to Get Started by Shashank Tripathi
Here's how you can maximize data analysis efficiency with cloud computing. Powered by AI
What is startup valuation and how can you improve it? Powered by AI
What are some of the common valuation methods for early-stage startups that have no or minimal revenue? Powered by AI
Should Students Work as Freelancers and What Are the Opportunities? by Cade Kennedy
Meta Is Already Training a More Powerful Successor to Llama 3
FBI warns consumers not to use public phone charging stations By Jennifer Korn

Most Recent Comments

Jacob H.
02/18/2023
Why do the stories about the economy and job market etc...

janelle
02/18/2023
I know someone who is sitting on 2 degrees and is doing a...

M. Squatch
02/18/2023
I keep seeing pieces like this, and I just have to wonder...

Jimmy Fox
02/18/2023
There are still rock-stable jobs out there, or as close to...

Proud Liberal
02/18/2023
I’m so glad the younger generation has begun to see their...

Calendar

Bookmark Sharing

Creative Commons

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 License.

Critical Vulnerability in Hikvision Storage Solutions Exposes Video Security Data by Eduard Kovacs

Thursday, April 13, 2023, 10:38 AM
Posted by Administrator

Video surveillance giant Hikvision this week informed customers that it has patched a critical vulnerability affecting its Hybrid SAN and cluster storage products.

The vulnerability, tracked as CVE-2023-28808, has been described by the vendor as an access control issue that can be exploited to obtain administrator permissions by sending specially crafted messages to the targeted device.

The impacted products are used by organizations to store video security data, and an attacker exploiting the vulnerability could gain access to that data.

In a notification sent by Hikvision to partners — a copy was also shared with SecurityWeek — the company said it’s not aware of in-the-wild exploitation.

“While Hikvision is not aware of this vulnerability being exploited in the field, we recognize that some of our partners may have installed Hikvision equipment that is affected by this vulnerability and we strongly encourage them to work with their customers to install the patch and ensure proper cyber hygiene,” the company told partners.

Hikvision noted in its advisory that an attacker needs to have network access to the targeted device in order to exploit CVE-2023-28808.

However, Arko Dhar, the CTO of Redinent, the India-based CCTV and IoT cybersecurity company credited for finding the vulnerability, told SecurityWeek that many impacted systems are exposed to the internet and remote exploitation is possible.

“The Hybrid SAN storage is primarily meant to store CCTV video recordings. But it can also be configured to store business data as well. The impact is very wide – an attacker can delete video recordings and business data at the same time, delete backups and cause significant impact to the business,” Dhar warned.

Redinent’s researchers discovered the vulnerability in late December 2022 and the flaw was reported to the vendor through CERT India in January.

Hikvision announced on April 10 that patches are included in version 2.3.8-8 for Hybrid SAN and version 1.1.4 for cluster storage devices. The vendor has provided detailed instructions for installing the updates.

add comment ( 54 views ) | permalink |

( 3 / 169 )

<<First <Back | 608 | 609 | 610 | 611 | 612 | 613 | 614 | 615 | 616 | 617 | Next> Last>>

«	April 2023					»
Sun	Mon	Tue	Wed	Thu	Fri	Sat
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30
05/08/2024