Security experts are warning owners of Mitsubishi Outlander Plug-In Hybrid Electric Vehicle that their cars can be hacked via the automobile’s on-board WiFi network used for remote control of key car features. The hybrid electronic vehicle, which is slated to be sold here in the U.S. starting this fall, suffers from weak password requirements that...

ExaGrid has removed a private SSH key and weak, hardcoded credentials shipping with all of its disk-based storage appliances. Updated firmware has been available since March 24 and storage and security managers are urged to update devices to version 4.8 P26. Researcher James Lee of Rapid7 privately disclosed the issue to the storage vendor on...

Lenovo today has patched a number of vulnerabilities that jeopardize private data, which are largely enabled by a simple hard-coded password in a freely available file-sharing application. The flaws were found in in the Lenovo ShareIT application for Android and Windows by researchers at Core Security’s CoreLabs. The app allows users to share files over...