Remote security exploit in all 2008+ Intel platforms – SemiAccurate

The short version is that every Intel platform with AMT, ISM, and SBT from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the ME (Management Engine) not CPU firmware. If this isn’t scary enough news, even if your machine doesn’t have SMT, ISM, or SBT provisioned, it is […]

Netgear says sorry four weeks after losing customer backups on cloud and locally(!!!!) – yes the cloud can hurt you!

Netgear has cocked up its cloud management service, losing data stored locally on ReadyNAS devices’ shared folders worldwide – and customers have complained to The Register about only being informed four weeks later. This week, the San Jose-based networking business sent an email to customers, seen by The Register, confirming that an “outage” affecting ReadyCLOUD, […]

Shadow Brokers release 4 year old NSA hacks for Win2k to Windows 8

The Shadow Brokers have leaked more hacking tools stolen from the NSA’s Equation Group – this time four-year-old exploits that attempt to hijack venerable Windows systems, from Windows 2000 up to Server 2012 and Windows 7 and 8. The toolkit puts into anyone’s hands – from moronic script kiddies to hardened crims – highly classified […]

Smartphone gyros and open background tabs reveal your inputs, even when locked

Cyber experts at Newcastle University, UK, have revealed the ease with which malicious websites, as well as installed apps, can spy on us using just the information from the motion sensors in our mobile phones. Analysing the movement of the device as we type in information, they have shown it is possible to crack four-digit […]

Cisco Aironet 1830 Series and 1850 Series Access Points Mobility Express with hardcoded passwords

The vulnerability is due to the existence of default credentials for an affected device that is running Cisco Mobility Express Software, regardless of whether the device is configured as a master, subordinate, or standalone access point. An attacker who has layer 3 connectivity to an affected device could use Secure Shell (SSH) to log in […]

Miele Professional PG 8528 dishwasher insecure – Web Server Directory Traversal

Details: The corresponding embedded webserver “PST10 WebServer” typically listens to port 80 and is prone to a directory traversal attack, therefore an unauthenticated attacker may be able to exploit this issue to access sensitive information to aid in subsequent attacks. Proof of Concept: ~$ telnet 192.168.0.1 80 Trying 192.168.0.1… Connected to 192.168.0.1. Escape […]

UK flight ban on electronic devices announced – copying Trumpist insanity

The UK government has announced a cabin baggage ban on laptops and tablets on direct flights to the UK from Turkey, Lebanon, Jordan, Egypt, Tunisia and Saudi Arabia. The ban follows a similar move in the US, where officials say bombs could be hidden in a series of devices. Downing Street said it was “necessary, […]

Burglars can easily make Google Nest security cameras stop recording

The first two flaws can be triggered and lead to a buffer overflow condition if the attacker sends to the camera a too-long Wi-Fi SSID parameter or a long encrypted password parameter, respectively. That’s easy to do as Bluetooth is never disabled after the initial setup of the cameras, and attackers (e.g. burglars) can usually […]

Web security products introduce man in the middle insecurities

Your antivirus and network protection efforts may actually be undermining network security, a new paper and subsequent US-CERT advisory have warned. The issue comes with the use of HTTPS interception middleboxes and network monitoring products. They are extremely common and are used to check that nothing untoward is going on. However, the very method by […]

WikiLeaks will disclose CIA vulns to companies that sign standard responsible disclosures – or maybe not so standard?

“WikiLeaks has made initial contact with us via secure@microsoft.com,” a Microsoft spokesperson told Motherboard — but then things apparently stalled. An anonymous reader quotes Fortune: Wikileaks this week contacted major tech companies including Apple and Google, and required them to assent to a set of conditions before receiving leaked information about security “zero days” and […]

Cloudbleed: How to deal with it

The duration (2016–09–22 to 2017–02–20) and potential breadth of information exposed is huge — Cloudflare has over 2 million websites on its network, and data from any of these is potentially exposed. Cloudflare has said the actual impact is relatively minor, so I believe only limited amounts of information were actually disseminated. Essentially, broad range of data […]

Preinstalled Malware Targeting Mobile Users

The Check Point Mobile Threat Prevention has recently detected a severe infection in 38 Android devices, belonging to a large telecommunications company and a multinational technology company. While this is not unusual, one detail of the attacks stands out. In all instances, the malware was not downloaded to the device as a result of the […]

Vault7 – CIA loses control of its hacking arsenal, information being provided on Wikileaks

WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named “Vault 7” by WikiLeaks, it is the largest ever publication of confidential documents on the agency. The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for […]

Used cars allow the old owners app access

Henderson tested four major auto manufacturers, and found they all have apps that allow previous owners to access them from a mobile device. At the RSA security conference in San Francisco on Friday, Henderson explained how people can still retain control of connected cars even after they resell them. Manufacturers create apps to control smart […]

Cisco’s Prime Home lets hackers hijack people’s routers, from one single point at the ISP

“An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication,” Cisco said today. “An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges.” Note that “administrator” was italicized by the networking giant. Super serious. Cisco pitches Prime Home as […]

Linux encryption app Cryptkeeper has universal password: ‘p’

The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem’s command line interface: Cryptkeeper invokes encfs and attempts to enter paranoia mode with a simulated ‘p’ keypress – instead, it sets passwords […]

Suffered a breach? Expect to lose cash, opportunities, and customers – report

More than a third of organisations that experienced a breach last year reported substantial customer, opportunity and revenue loss. The finding is one of the key takeaways from the latest edition of Cisco’s annual cybersecurity report, which also suggests that defenders are struggling to improve defences against a growing range of threats. The vast majority […]

Viruses, spyware found in ‘alarming’ number of Android VPN apps

A team from CSIRO’s Data 61, University of NSW and UC Berkeley in the US found a whole bunch of Android VPN apps contain viruses, spyware and other adware. Researchers analysed the apps available for Android to look for nasties like trojans, spyware and adware — giving each an “anti-virus rank (AV)” based on what […]

Dropbox: Oops, yeah, we didn’t actually delete all your files – this bug kept them in the cloud

“Typically, we permanently remove files and folders from our servers within 60 days of a user deleting them. However, the deleted files and folders impacted by this bug had metadata inconsistencies,” Dropbox employee Ross S said on the company’s support forum. “So we quarantined and excluded them from the permanent deletion process until the metadata […]

Introducing Malwarebytes Anti-Ransomware Beta

a completely proactive and signature-less technology that is able to detect and block even the most dangerous of ransomware variants like CryptoWall4, CryptoLocker, Tesla, and CTB-Locker. Malwarebytes Anti-Ransomware monitors all activity in the computer and identifies actions which are typical of ransomware activity. It keeps track of all activity and, once it has enough evidence […]

Bitdefender limited Anti Ransomware Tool

Bitdefender Anti-Ransomware prevents the following families of ransomware from encrypting your files: CTB-Locker, Locky, Petya, and TeslaCrypt. Bitdefender cannot guarantee the effectiveness of the tool against different strains of ransomware, nor be held liable for the loss of sensitive data. Source: Anti Ransomware Tool Shame…

Cryptostalker, a Tool to Detect Crypto-Ransomware on Linux

Cryptostalker and the original project randumb are the work of Sean Williams, a developer from San Francisco. Mr. Williams wanted to create a tool that monitored the filesystem for newly written files, and if the files contained random data, the sign of encrypted content, and they were written at high speed, it would alert the […]

The No More Ransom Project: tools and howtos to decrypt ransomware from the EU

Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections. The “No More Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – with the goal to […]