Lucian Constantin

Author Archives: Lucian Constantin

Apple’s new macOS Sierra fixes over 60 security flaws

Apple launched its newest operating system, macOS Sierra 10.12, on Tuesday and aside from new and interesting features, it has a large number of important security fixes.The new OS patches 65 vulnerabilities in various core and third-party components. Some of these vulnerabilities are critical and can result in arbitrary code execution with kernel privileges.Flaws that allow local applications to execute malicious code with kernel or system privileges were fixed in Apple's HSSPI support component, AppleEFIRuntime, AppleMobileFileIntegrity, AppleUUC, the Bluetooth stack, DiskArbitration, the Intel Graphics Driver, the IOAcceleratorFamily and IOThunderboltFamily, the S2 Camera, the Security service and the kernel itself.To read this article in full or to leave a comment, please click here

Apple’s new macOS Sierra fixes over 60 security flaws

Apple launched its newest operating system, macOS Sierra 10.12, on Tuesday and aside from new and interesting features, it has a large number of important security fixes.The new OS patches 65 vulnerabilities in various core and third-party components. Some of these vulnerabilities are critical and can result in arbitrary code execution with kernel privileges.Flaws that allow local applications to execute malicious code with kernel or system privileges were fixed in Apple's HSSPI support component, AppleEFIRuntime, AppleMobileFileIntegrity, AppleUUC, the Bluetooth stack, DiskArbitration, the Intel Graphics Driver, the IOAcceleratorFamily and IOThunderboltFamily, the S2 Camera, the Security service and the kernel itself.To read this article in full or to leave a comment, please click here

TLS 1.3 gets early adoption boost through CloudFlare

Website security and performance vendor CloudFlare has made the newest version of the TLS secure communications protocol available to all of its customers.The TLS (Transport Layer Security) 1.3 specification is yet to be finalized by the Internet Engineering Task Force (IETF), the body that develops internet standards. However, the protocol is already supported in beta versions of Google Chrome and Mozilla Firefox, and it's being hailed as an important step forward in securing internet communications.TLS 1.3 removes some cryptographic algorithms present in TLS 1.2 that are known to be vulnerable. This makes it easier for server administrators to deploy secure-by-default HTTPS configurations. HTTPS (HTTP Secure) is a mix between HTTP and TLS.To read this article in full or to leave a comment, please click here

TLS 1.3 gets early adoption boost through CloudFlare

Website security and performance vendor CloudFlare has made the newest version of the TLS secure communications protocol available to all of its customers.The TLS (Transport Layer Security) 1.3 specification is yet to be finalized by the Internet Engineering Task Force (IETF), the body that develops internet standards. However, the protocol is already supported in beta versions of Google Chrome and Mozilla Firefox, and it's being hailed as an important step forward in securing internet communications.TLS 1.3 removes some cryptographic algorithms present in TLS 1.2 that are known to be vulnerable. This makes it easier for server administrators to deploy secure-by-default HTTPS configurations. HTTPS (HTTP Secure) is a mix between HTTP and TLS.To read this article in full or to leave a comment, please click here

Researchers demonstrate remote attack against Tesla Model S

Tesla Motors is considered one of the most cybersecurity-conscious car manufacturers in the world -- among other things, it has a bug bounty program. But that doesn't mean the software in its cars is free of security flaws.Researchers from Chinese technology company Tencent found a series of vulnerabilities that, when combined, allowed them to remotely take over a Tesla Model S car and control its sunroof, central display, door locks and even the breaking system. The attack allowed the researchers to access the car’s controller area network (CAN) bus, which lets the vehicle’s specialized computers communicate with each other."As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars," the researchers from Tencent's Keen Security Lab said in a blog post Monday. "We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected."To read this article in full or to leave a comment, please click here

Researchers demonstrate remote attack against Tesla Model S

Tesla Motors is considered one of the most cybersecurity-conscious car manufacturers in the world -- among other things, it has a bug bounty program. But that doesn't mean the software in its cars is free of security flaws.Researchers from Chinese technology company Tencent found a series of vulnerabilities that, when combined, allowed them to remotely take over a Tesla Model S car and control its sunroof, central display, door locks and even the breaking system. The attack allowed the researchers to access the car’s controller area network (CAN) bus, which lets the vehicle’s specialized computers communicate with each other."As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars," the researchers from Tencent's Keen Security Lab said in a blog post Monday. "We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected."To read this article in full or to leave a comment, please click here

Cisco patches Equation group exploit in IOS, IOS XE and IOS XR devices

Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency.The vulnerability affects networking devices running Cisco's IOS, IOS XE and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets. When exploited, it allows remote unauthenticated attackers to extract contents from a device's memory, potentially leading to the exposure of sensitive and confidential information.IKE is a key exchange protocol used by several popular features including LAN-to-LAN VPN (Virtual Private Network), remote access VPN, Dynamic Multipoint VPN (DMVPN) and Group Domain of Interpretation (GDOI). It is likely to be enabled on many Cisco devices in enterprise environments.To read this article in full or to leave a comment, please click here

Cisco patches Equation group exploit in IOS, IOS XE and IOS XR devices

Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency.The vulnerability affects networking devices running Cisco's IOS, IOS XE and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets. When exploited, it allows remote unauthenticated attackers to extract contents from a device's memory, potentially leading to the exposure of sensitive and confidential information.IKE is a key exchange protocol used by several popular features including LAN-to-LAN VPN (Virtual Private Network), remote access VPN, Dynamic Multipoint VPN (DMVPN) and Group Domain of Interpretation (GDOI). It is likely to be enabled on many Cisco devices in enterprise environments.To read this article in full or to leave a comment, please click here

Cisco patches Equation group exploit in IOS, IOS XE and IOS XR devices

Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency.The vulnerability affects networking devices running Cisco's IOS, IOS XE and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets. When exploited, it allows remote unauthenticated attackers to extract contents from a device's memory, potentially leading to the exposure of sensitive and confidential information.IKE is a key exchange protocol used by several popular features including LAN-to-LAN VPN (Virtual Private Network), remote access VPN, Dynamic Multipoint VPN (DMVPN) and Group Domain of Interpretation (GDOI). It is likely to be enabled on many Cisco devices in enterprise environments.To read this article in full or to leave a comment, please click here

Remote Safe Mode attack defeats Windows 10 pass-the-hash defenses

Microsoft tries to protect user account credentials from theft in Windows 10 Enterprise, and security products detect attempts to pilfer user passwords. But all those efforts can be undone by Safe Mode, according to security researchers.The Safe Mode is an OS diagnostic mode of operation that has existed since Windows 95. It can be activated at boot time and only loads the minimal set of services and drivers that Windows requires to run.This means that most third-party software, including security products, don't start in Safe Mode, negating the protection they otherwise offer. In addition, there are also Windows optional features like the Virtual Secure Module (VSM), which don't run in this mode.To read this article in full or to leave a comment, please click here

Chrome OS gets cryptographically verified enterprise device management

Companies will now be able to cryptographically validate the identity of Chrome OS devices connecting to their networks and verify that those devices conform to their security policies.On Thursday, Google announced a new feature and administration API called Verified Access. The API relies on digital certificates stored in the hardware-based Trusted Platform Modules (TPMs) present in every Chrome OS device to certify that the security state of those devices has not been altered.Many organizations have access controls in place to ensure that only authorized users are allowed to access sensitive resources and they do so from enterprise-managed devices conforming to their security policies.To read this article in full or to leave a comment, please click here

Chrome OS gets cryptographically verified enterprise device management

Companies will now be able to cryptographically validate the identity of Chrome OS devices connecting to their networks and verify that those devices conform to their security policies.On Thursday, Google announced a new feature and administration API called Verified Access. The API relies on digital certificates stored in the hardware-based Trusted Platform Modules (TPMs) present in every Chrome OS device to certify that the security state of those devices has not been altered.Many organizations have access controls in place to ensure that only authorized users are allowed to access sensitive resources and they do so from enterprise-managed devices conforming to their security policies.To read this article in full or to leave a comment, please click here

Pokémon Go guide app with half a million downloads hacks Android devices

Security researchers have found a malicious application on Google Play that had over 500,000 downloads and was designed to gain complete control over Android devices.The application masqueraded as a guide for the popular Pokémon Go game and used multiple layers of obfuscation to bypass Google Play's malware detection mechanisms, researchers from Kaspersky Lab said in a blog post.The app contains a malicious module that doesn't execute immediately. Instead, the app waits for another application to be installed or uninstalled in order to determine if it's running on a real device or in an emulated environment, like the ones used to detect malware.To read this article in full or to leave a comment, please click here

Pokémon Go guide app with half a million downloads hacks Android devices

Security researchers have found a malicious application on Google Play that had over 500,000 downloads and was designed to gain complete control over Android devices.The application masqueraded as a guide for the popular Pokémon Go game and used multiple layers of obfuscation to bypass Google Play's malware detection mechanisms, researchers from Kaspersky Lab said in a blog post.The app contains a malicious module that doesn't execute immediately. Instead, the app waits for another application to be installed or uninstalled in order to determine if it's running on a real device or in an emulated environment, like the ones used to detect malware.To read this article in full or to leave a comment, please click here

Adobe fixes critical flaws in Flash Player and Digital Editions

Adobe Systems has fixed more than 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers.The bulk of the flaws, 26, were patched in Flash Player on all supported platforms: Windows, Mac and Linux.Twenty-three of those vulnerabilities can lead to remote code execution and the remaining three can be used for information disclosure or to bypass security features, Adobe said in an advisory.Adobe advises users to update Flash Player version 23.0.0.162 on Windows and Mac or version 11.2.202.635 on Linux. The new version of the Flash Player extended support release, which only receives security patches, is now 18.0.0.375.To read this article in full or to leave a comment, please click here

Adobe fixes critical flaws in Flash Player and Digital Editions

Adobe Systems has fixed more than 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers.The bulk of the flaws, 26, were patched in Flash Player on all supported platforms: Windows, Mac and Linux.Twenty-three of those vulnerabilities can lead to remote code execution and the remaining three can be used for information disclosure or to bypass security features, Adobe said in an advisory.Adobe advises users to update Flash Player version 23.0.0.162 on Windows and Mac or version 11.2.202.635 on Linux. The new version of the Flash Player extended support release, which only receives security patches, is now 18.0.0.375.To read this article in full or to leave a comment, please click here

Microsoft releases one of its biggest security updates this year

Microsoft released one of its biggest security updates this year, fixing 50 vulnerabilities in its products and 26 more in Flash Player, which is bundled with its Edge browser.The patches are split into 14 security bulletins, including the one dedicated to Flash Player, seven of which are rated critical. They address vulnerabilities in Windows, Internet Explorer, Microsoft Edge, Microsoft Exchange, Microsoft Office and Microsoft Office web services and apps.For desktop deployments, administrators should prioritize the fixes for Internet Explorer, which are covered in the MS16-104 bulletin, Microsoft Edge (MS16-105), Microsoft Office (MS16-107), Microsoft Graphics Component (MS16-106), OLE Automation for VBScript Scripting Engine (MS16-116) and Adobe Flash Player (MS16-117).To read this article in full or to leave a comment, please click here

Microsoft releases one of its biggest security updates this year

Microsoft released one of its biggest security updates this year, fixing 50 vulnerabilities in its products and 26 more in Flash Player, which is bundled with its Edge browser.The patches are split into 14 security bulletins, including the one dedicated to Flash Player, seven of which are rated critical. They address vulnerabilities in Windows, Internet Explorer, Microsoft Edge, Microsoft Exchange, Microsoft Office and Microsoft Office web services and apps.For desktop deployments, administrators should prioritize the fixes for Internet Explorer, which are covered in the MS16-104 bulletin, Microsoft Edge (MS16-105), Microsoft Office (MS16-107), Microsoft Graphics Component (MS16-106), OLE Automation for VBScript Scripting Engine (MS16-116) and Adobe Flash Player (MS16-117).To read this article in full or to leave a comment, please click here

Hackers found 47 new vulnerabilities in 23 IoT devices at DEF CON

Smart door locks, padlocks, thermostats, refrigerators, wheelchairs and even solar panel arrays were among the internet-of-things devices that fell to hackers during the IoT Village held at the DEF CON security conference in August.A month after the conference ended, the results are in: 47 new vulnerabilities affecting 23 devices from 21 manufacturers were disclosed during the IoT security talks, workshops and onsite hacking contests.The types of vulnerabilities found ranged from poor design decisions like the use of plaintext and hard-coded passwords to coding flaws like buffer overflows and command injection.Door locks and padlocks from vendors like Quicklock, iBlulock, Plantraco, Ceomate, Elecycle, Vians, Lagute, Okidokeys, Danalock were found to be vulnerable to password sniffing and replay attacks, where a captured command can be replayed later to open the locks.To read this article in full or to leave a comment, please click here

Hackers found 47 new vulnerabilities in 23 IoT devices at DEF CON

Smart door locks, padlocks, thermostats, refrigerators, wheelchairs and even solar panel arrays were among the internet-of-things devices that fell to hackers during the IoT Village held at the DEF CON security conference in August.A month after the conference ended, the results are in: 47 new vulnerabilities affecting 23 devices from 21 manufacturers were disclosed during the IoT security talks, workshops and onsite hacking contests.The types of vulnerabilities found ranged from poor design decisions like the use of plaintext and hard-coded passwords to coding flaws like buffer overflows and command injection.Door locks and padlocks from vendors like Quicklock, iBlulock, Plantraco, Ceomate, Elecycle, Vians, Lagute, Okidokeys, Danalock were found to be vulnerable to password sniffing and replay attacks, where a captured command can be replayed later to open the locks.To read this article in full or to leave a comment, please click here

1 20 21 22 23 24 58