Items tagged with exploit

Last Friday, we reported on a major cyberattack involving ransomeware that hit a large number of computers - including some belonging to the UK's National Health Service. At first, the malware's reach wasn't too clear, but as the weekend went on, we learned that the number of affected PCs reached at least 200,000 worldwide. Given the nature of this beast, that is downright terrifying. The big question right now is, "Who's at fault?" The blame could easily be shifted to Microsoft, as the bug that allowed this to happen was directly attributed to its own code. While the company is to be commended for releasing a rare Windows XP patch to help squash the bug, it comes a bit too late. Microsoft knew... Read more...
It seems like a day doesn't go by that we don't hear about some piece of malware that's harassing computer users. In 2017, you would expect that most people would be hesitant to download and extract random, rogue zip files, but sadly, that's not the case. There's a reason these pieces of malware still exist -- just like with spam email, a small percentage of users ultimately fall for it. With the latest piece of malware to hit the Mac, users who are careless enough to open attachments from people they don't know are the prime targets for this exploit and infection. OSX/Dok is malware that targets - you guessed it - OS X. The downside is that it allegedly affects all versions of OS X, so... Read more...
We can't seem to go a single week without news of a severe vulnerability out there in the wild, and it looks like our streak isn't about to end. Not too long ago, a number of NSA-derived tools were released online, giving us an idea of how desperate the folks at one of the US government's leading intelligence agencies are to get inside targeted PCs. Now, we have to hope that IT managers and system owners alike take updating their OS seriously. This particular family of NSA exploits are being dubbed "DoublePulsar", and they're severe enough to warrant immediate attention to your Windows PCs. Last month, Microsoft released patches to remove the vulnerability, but as we all know too well, most people... Read more...
In 2013, security research firm DefenseCode revealed a major issue that plagued a large number of wireless routers, and because the number of affected devices was in the millions, the company held off on revealing the specifics. Fast-forward four years to the present day, and those details have finally been revealed. The vulnerability was originally found in a Cisco Linksys router, but it was quickly discovered that the same issue could be found on others - not just other Cisco models, but other vendor models as well. That led the researcher to discover that the issue ultimately related to the Broadcom chipset inside, and in particular, with its uPnP implementation. D-Link's DSL-2740U is one... Read more...
Here we go again. For the second time in a mere three months, Google decided to spill the beans on a Windows bug before the engineers in Redmond could release a patch for it. Microsoft has a Google countdown timer to thank for this latest disclosure; one that shows mercy to absolutely no one, or any company. The latest bug affects a key file in Windows' GDI, or Graphics Device Interface, which is responsible for rendering graphics and fonts in Windows applications. We use "latest" lightly here, as this bug, according to Google, was simply never fixed despite having been previously reported. It all began last March, when Google notified Microsoft of a collection of issues. In June, Microsoft released... Read more...
As we've discussed multiple times before here at HotHardware, IoT device makers have largely been unconcerned about security up until this point, which means that way too many devices in use out there in the wild are sitting there unsecured. Samsung's Smartcam is one such device. After Smartcam's launch, hackers discovered a couple of huge vulnerabilities, which Samsung acknowledged immediately. However, instead of actually fixing the issues, Samsung crippled the device, removing the entire Web admin interface that customers would use to configure their camera. Instead, customers were shifted to use a cloud-based service for tackling the same operations instead. Well, as if that crippling of... Read more...
What's that in the air? Could it be the smell of egg nog and pine? Nope, it's Microsoft Patch Tuesday, of course! This month's rollout is rather large and notable for a number of reasons. However, what matters most is that if you're not up-to-date yet, you'll want to take a little trip to the Windows Update section and take care of business. Speaking of business, the advice to update is imperative for those managing user PCs in the enterprise, as this rollout of patches includes a fix for a huge bug Google disclosed one week ago. This bug, called CVE-2016-7255, is a local privilege escalation flaw that is particularly dangerous, as it's been proven to be actively exploited. If you don't want... Read more...
Whether you use Linux at home or manage a Linux server, you'll want to waste no time in making sure your OS is completely up-to-date. An exploit called "Dirty COW" has now been revealed, and while it's not the most dangerous one ever released, the fact that it's been around for nine years is causing some serious alarm throughout the Linux community. If not for the fact that Linux developer Phil Oester was impacted by this exploit, we might still not even know about it. With his own servers, Oester has been capturing all incoming traffic so as to spot issues easier, this one included. While the binary found on his server was compiled in the summer of 2015, there's no reason to believe that this... Read more...
As unfortunate as it is, it's really hard nowadays to be shocked at the thought of someone getting infected with malware, or even a piece of ransomware (which can now even affect Linux). It is still possible to get shocked though, with Betabot proving it for us. This piece of malicious software doesn't just fetch user data from an infected machine, it also infects the machine with ransomware. Oy. Betabot is arguably one of the worst types of malware out there, as it's effective at getting through security protections to find and take financial information, and then lock the machine up type before leaving, requiring a payment to regain access. As if one of these attacks isn't bad enough; to get... Read more...
If you operate a Web server that runs on Linux, we're here to give you a bit of a prod in case you haven't updated it in a while. A piece of ransomware called FairWare is floating around, and as you'll soon see, its name is ironic as it's anything but "fair". Reports are coming in of users who have been struck with this awful type of malware, although it doesn't seem clear at this point exactly how the infection takes place. It's also not clear if this is some sort of automated attack -- one that simply scans the internet at large and infects where it can -- or if the attacks are focused. Either way, if you are hit with it, you are in for a bad day. Once infected, you'll notice that you no longer... Read more...
We reported earlier this week on a large collection of exploits that have been put up for auction by a group that calls itself Shadow Brokers. The promise was that all of the files were sourced from a secret NSA group called Equation Group, and now, Edward Snowden has released documents to prove that's just the case. This confirmation comes from The Intercept, a website which ultimately came to be as a direct result of Snowden's leaks three summers ago. With this trove of software confirmed to be sourced from the NSA, it raises some big questions. When Shadow Brokers put its collection of exploits up for auction, it took only a couple of days before we found out that there was some real threat... Read more...
We wrote a couple of days ago about a huge treasure trove of alleged NSA-derived exploits that were hitting the market. That gold mine was accessed by a group calling itself Shadow Brokers, and it's been said that their source was Equation Group, which is believed to be an extension of the NSA. At that time, there was no proof that any of the exploits contained in the collection were still valid. Quickly, some noted that a few of the targets were already patched, leading the rest of us to believe that the entire collection came a bit too late. However, anyone who thought that might have to back it up a wee bit, as Cisco has today confirmed that one of the exploits contained within that collection... Read more...
Nothing beats wireless for convenience, but whenever you transmit important data through the air, there's a risk that someone could be nearby, ready to intercept the signals before they reach their destination. If this sounds familiar, it might be because we talked about this very thing earlier this year, when security firm Bastille ousted 'MouseJack', an overly-marketed vulnerability affecting wireless peripherals from major vendors, including Microsoft and Logitech. Well, Bastille is back, this time with 'KeySniffer', another vulnerability (or set of vulnerabilities) that has apparently also deserved its own logo. While it'd be easy to jump to conclusions that Bluetooth is probably at fault... Read more...
With Nintendo's latest game - a mobile one, at that - the company has proven that there is still a lot of innovating to do in the market. While Pokemon GO is based on another title, Ingress, any game is going to have a greater chance of success when it features one of the most popular franchises ever. GO isn't just some regular Pokemon game: it's making the masses realize that augmented reality can be really cool. What's not cool, though, is that popular mobile apps are a hot target for malware. And since Pokemon GO hasn't been released worldwide yet, many have taken to the scarier parts of the Web to score an APK that will allow them to play it right now. As you might imagine, that's bound to... Read more...
It seems impossible for the world to go a single week without a major security breach, so to fill the inevitable void this week is a hacker that goes by the name "thedarkoverlord," who claims to be in possession of a staggering 655,000 healthcare records. Of course, he is looking to sell them off. This latest records leak was first reported by Deep Dot Web, which has exclusive images to prove that the leak is real (one can be seen below). These images were not sourced by the website; rather, thedarkoverlord himself provided the images, probably as a way to build up some notoriety, and to flaunt the fact that the records are for sale to those who might be interested. The records the leaker is... Read more...
We wrote earlier about the kind of success Google has been seeing with its Android bug bounty program -- success that has led the company to actually increase its rewards. Over the years, we've seen other major companies offer bug bounties as well, such as Facebook and Microsoft, so it's clear that they can provide some real value. Could that value be important enough for the US government to get in on the action? It appears that "yes", it certainly can. In a new report from the Pentagon, the groundwork is laid for future programs that target much more than some front-facing websites, which is all that was involved during the Department of Defense's test period of April 18 - May 12 of this year.... Read more...
It has been suggested that the microprocessors we use each and every day could pack in a bit more than we bargained for; namely, the tools needed for spying or undetectable access. And unfortunately, according to security researcher and developer Damien Zammit, there's a potential reason to be concerned over the "ME" or Management Engine module found in all Intel chipsets manufactured after the Core 2 era. If you've built your own Intel-based PC in recent years, or have at least reinstalled the OS and needed to install all of the drivers on your own, you've probably noticed a piece of software called "Intel Management Engine". What this corresponds to is a feature in modern Intel chipsets... Read more...
The greatest benefit wireless peripherals offer is what they help cut down on: wires. Fewer wires means that our desktops are easier to keep clean, and we're not kicking wires as often under our desk. It's a win-win overall. Or is it? As with most things convenient, wireless peripherals can suffer exploits just like anything else that's open to a wireless connection. While your keyboard is designed to handshake with an adapter that's plugged into your PC, there's usually nothing stopping the data stream from being intercepted. Though remote, no question, it could be a legitimate attack vector. Researchers at US-based Bastille help prove that supposedly with the announcement of "MouseJack,"... Read more...
Security researchers thought that we were all rid of a pesky vulnerability that was initially patched over three years ago. The exploit takes advantage of code lurking within the “libupnp” library, which is included in the Portable SDK for UPnP Devices used for DLNA media playback. However, some lax vendors have failed to include newer versions of the SDK with an updated version of libupnp, leaving millions of devices that we use everyday exposed -- 6.1 million devices to be exact, including smartphones, routers and smart TVs. In addition to hardware vendors, it’s also been discovered that 547 apps use the outdated version of libupnp. Amazingly, over half, 326 apps, are available via the Google... Read more...
We've talked lots in the past about vulnerabilities that hit home and enterprise routers, but not quite as much about cable modems, where the importance of good security is arguably even more paramount. The reason for that is that most often, customers do not have control over the firmware in such devices. If a vulnerability is found and patched, it's up to the ISP to issue it, automatically. As you might imagine, this could lead to some serious problems if your ISP isn't too on top of things. A great example of this is brought forth by security researcher Bernardo Rodrigues. He found that with a series of Arris cable modems, a backdoor exists within a backdoor - a rather interesting discovery,... Read more...
UpdatedThe lock screen on your phone might not be foolproof as you thought. Researchers at The University of Texas at Austin released a demonstration this week of what they say is a vulnerability in mobile devices running Android 5.x. Also known as Lollipop, it is the latest version of Android and is run by many modern phones, but the attack may not affect all phones running Lollipop. Researchers used a Nexus 4 in the proof-of-concept attack. Also, phones running the latest version of Android (5.5.1 build LMY48M) are not vulnerable. The attack involves copying and pasting multiple characters, starting with characters generated in the Emergency Dial section. The “Elevation of Privilege Vulnerability... Read more...
If you’re a Firefox user, you should update your browser immediately. Mozilla was informed earlier this week by an astute Firefox user that a Russian news site was was using malicious advertisements to take advantage of an exploit in the browser when installed on Windows and Linux machines. The exploit takes advantage of a vulnerability in the PDF viewer that is built into the Firefox browser. That also means that the mobile version of Firefox, which doesn’t include the PDF viewer, is not affected. Mac users were also spared from this particular exploit, but Mozilla still suggests that they upgrade Firefox to combat against future mutations of the exploit. But for affected versions of Firefox,... Read more...
Prev 1 2 3 4 Next