Tuesday, September 12th, 2017
What spreads through the air, is invisible to users, and requires no user interaction— no clicking, no pairing, no downloading, not even turning on discoverable mode— but could bring the hurt to billions of devices? It’s an attack vector dubbed Blueborne. Researchers revealed eight different bugs that affect the Bluetooth ...
Posted in Internet, Linux, Mobile, Security, Windows | No Comments
Monday, September 11th, 2017
Google plans to launch a new security feature in the upcoming Chrome 63 browser that notifies users about Man-in-the-Middle (MITM) issues.
MITM is best known as a method to attack user systems by intercepting and manipulating traffic. Many security programs with firewall and browsing components do use similar functionality to inspect ...
Posted in Internet, Privacy, Security | No Comments
Monday, September 11th, 2017
When a zero-day vulnerability becomes public, of which by its nature no patches or fixes are available at the time, one is enough for vendors to come to terms with in order to rapidly devise a solution.
D-Link now has 10 such previously-unknown bugs on its plate to fix.
Last week, security ...
Posted in Hardware, Internet, Networking, Security | No Comments
Tuesday, September 5th, 2017
In Q1 and Q2 of 2017, we noticed a sharp decline in drive-by downloads coming from compromised websites. The campaigns of the past are either gone (Pseudo Darkleech) or have changed focus (EITest using social engineering techniques).
Malvertising – which has remained steady and is currently the main driving force behind ...
Posted in Internet, Privacy, Security | No Comments
Friday, September 1st, 2017
On August 31, 2017, Nomotion released five vulnerabilities for two Arris modems used by AT&T U-Verse customers in the US. The vulnerabilities are of the following types:
Hardcoded Credentials (CWE-798)
Information Exposure (CWE-200)
Authenticated Command Injection (CWE-78)
Firewall Bypass (CWE-653)
The hardcoded credentials give attackers access to the device via SSH or HTTP/HTTPS. ...
Posted in Hardware, Internet, Networking, Security | No Comments
