KRACK Attack Devastates Wi-Fi Security

Monday, October 16th, 2017

A devastating weakness plagues the WPA2 protocol used to secure all modern Wi-Fi networks, and it can be abused to decrypt traffic from enterprise and consumer networks with varying degrees of difficulty. Not only can attackers peek at supposedly encrypted traffic to steal credentials and payment card data, for example, but ...

Posted in Internet, Networking, Security | No Comments

5.3 billion devices at risk for invisible, infectious Bluetooth attack

Tuesday, September 12th, 2017

What spreads through the air, is invisible to users, and requires no user interaction— no clicking, no pairing, no downloading, not even turning on discoverable mode— but could bring the hurt to billions of devices? It’s an attack vector dubbed Blueborne. Researchers revealed eight different bugs that affect the Bluetooth ...

Posted in Internet, Linux, Mobile, Security, Windows | No Comments

Hardcoded Credentials Expose Customers of AT&T U-Verse

Friday, September 1st, 2017

On August 31, 2017, Nomotion released five vulnerabilities for two Arris modems used by AT&T U-Verse customers in the US. The vulnerabilities are of the following types: Hardcoded Credentials (CWE-798) Information Exposure (CWE-200) Authenticated Command Injection (CWE-78) Firewall Bypass (CWE-653) The hardcoded credentials give attackers access to the device via SSH or HTTP/HTTPS. ...

Posted in Hardware, Internet, Networking, Security | No Comments

‘Petya’ Ransomware Outbreak Goes Global

Tuesday, June 27th, 2017

A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain. According ...

Posted in Internet, Security, Windows | No Comments

Advanced CIA firmware has been infecting Wi-Fi routers for years

Thursday, June 15th, 2017

Home routers from 10 manufacturers, including Linksys, DLink, and Belkin, can be turned into covert listening posts that allow the Central Intelligence Agency to monitor and manipulate incoming and outgoing traffic and infect connected devices. That's according to secret documents posted Thursday by WikiLeaks. CherryBlossom, as the implant is code-named, can ...

Posted in Hardware, Internet, Privacy, Security | No Comments

Copyright 2008-2021 PC Sympathy - Entries (RSS) - Sitemap