5.3 billion devices at risk for invisible, infectious Bluetooth attack

Tuesday, September 12th, 2017

What spreads through the air, is invisible to users, and requires no user interaction— no clicking, no pairing, no downloading, not even turning on discoverable mode— but could bring the hurt to billions of devices? It’s an attack vector dubbed Blueborne. Researchers revealed eight different bugs that affect the Bluetooth ...

Hardcoded Credentials Expose Customers of AT&T U-Verse

Friday, September 1st, 2017

On August 31, 2017, Nomotion released five vulnerabilities for two Arris modems used by AT&T U-Verse customers in the US. The vulnerabilities are of the following types: Hardcoded Credentials (CWE-798) Information Exposure (CWE-200) Authenticated Command Injection (CWE-78) Firewall Bypass (CWE-653) The hardcoded credentials give attackers access to the device via SSH or HTTP/HTTPS. ...

‘Petya’ Ransomware Outbreak Goes Global

Tuesday, June 27th, 2017

A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain. According ...

Advanced CIA firmware has been infecting Wi-Fi routers for years

Thursday, June 15th, 2017

Home routers from 10 manufacturers, including Linksys, DLink, and Belkin, can be turned into covert listening posts that allow the Central Intelligence Agency to monitor and manipulate incoming and outgoing traffic and infect connected devices. That's according to secret documents posted Thursday by WikiLeaks. CherryBlossom, as the implant is code-named, can ...

Explained – How Intel AMT Vulnerability Allows to Hack Computers Remotely

Friday, May 5th, 2017

Earlier this week Intel announced a critical escalation of privilege bug that affects its remote management features shipping with Intel Server chipsets for past 7 years, which, if exploited, would allow a remote attacker to take control of vulnerable PCs, laptops, or servers. The vulnerability, labeled CVE-2017-5689, affects Intel remote management ...

Page 1 of 5212345...102030...Last »