Microsoft has issued a warning over ViewState code injection attacks on ASP.NET websites, where remote code execution can enable cybercriminals to inject malicious code. There are reportedly thousands of publicly available machine keys, originally designed to protect ViewState data, now being used by developers to side-step the process of generating their own, increasing the risk. Microsoft recommends developers generate their own keys, encrypt sensitive data and migrate to newer versions of ASP.NET.
CISA, FDA Release Warning on Contec CMS8000 Firm
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Food and Drug Administration (FDA) have warned about cybersecurity vulnerabilities in Contec’s CMS8000 patient
