
Tag Archives: vulnerability

“Open sesame”: Industrial network gear hackable with the right username

(credit: Sean Gallagher)

This week, two separate security alerts have revealed major holes in devices from Moxa, an industrial automation networking company. In one case, attackers could potentially send commands to a device's operating system by using them as a username in a login attempt. In another, the private key for a Web server used to manage network devices could be retrieved through an HTTP GET request.

The first vulnerability, in Moxa's AWK-3131A 802.11n industrial wireless networking gear—which can act as an access point, bridge, or client device—was revealed by Cisco Talos on April 3. Because of the way user authentication for multiple features works—leveraging the "loginutils" tool of the Busybox operating system—the usernames from failed login attempts are processed in such a way that they could be leveraged to inject command-line instructions by using punctuation to separate the command from the rest of the command-line output.

"Exploitation of this vulnerability has been confirmed via Telnet, SSH, and the local console port," Patrick DeSantis and Dave McDaniel of Cisco Talos wrote in their report. "It is suspected that the web application may also be vulnerable as it relies on loginutils and examination of the iw_event_user binary reveals 'fail' messages for 'WEB,' 'TELNET,' and 'SSH.'"


Tinder Testing Out Animated Profile Photos – Ubergizmo

Ubergizmo: GIFs aren't exactly new, but they seem to be undergoing some kind of re-emergence, with adoption in apps like Snapchat, Instagram, Messenger, and so on. Now it looks like dating app Tinder wants to get in on the GIF fun as well …


Hacking your brain: Researchers discover security bugs in EEG systems

What's on your mind? Hackers may be capable of messing with readings from some EEGs, according to research from Cisco Talos. (credit: Marcus Leidner / EyeEm / GettyImages)

Today, Cisco's Talos security research group revealed five security vulnerabilities in NeuroWorks, Windows-based software that is used in multiple electroencephalogram systems sold by Natus. The Windows-based Natus Xltek NeuroWorks 8 software uses hospitals' Ethernet networks to connect to EEG devices and integrate with patient data systems, and it is vulnerable to attacks that could allow remote code execution—allowing an attacker to gain access to the data on the device and to other systems on the hospital network—and denial of service.

Four parts of the software in NeuroWorks are vulnerable to buffer overflows that could be used by an attacker remotely accessing the system to drop commands into the memory of the console with crafted network packets. Another vulnerability allows a remote attacker to execute a denial of service attack against EEG devices. Natus has issued a patch for the bugs. Unfortunately, based on the previous history of vulnerable medical devices, it's likely that these systems will remain in use—unpatched—by hundreds of hospitals.

Crypto-ransomware attacks on hospitals over the past two years have heightened awareness of the dangers to many systems and shown how porous hospital networks really are. Hollywood Presbyterian and other hospitals were forced by ransomware attacks to turn away emergency room patients and shift back to paper charts while recovering from the attacks. Ransomware could affect many medical devices' embedded systems as well, since they are frequently based on older operating systems and are at even greater risk from malware or automated remote attack. And some devices that have been identified as being dangerously exposed to attacks have stayed in use despite warnings to hospitals from the United States Food and Drug Administration.


Hacking your brain(scan): security bugs in EEG software open hospitals to attack

What's on your mind? Hackers may be capable of messing with readings from some EEGs, according to research from Cisco Talos. (credit: Marcus Leidner / EyeEm / GettyImages)

Today, Cisco's Talos security research group revealed five security vulnerabilities in NeuroWorks, Windows-based software that is used in multiple electroencephalogram systems sold by Natus. The Windows-based Natus Xltek NeuroWorks 8 software uses hospitals' Ethernet networks to connect to EEG devices and integrate with patient data systems, and it is vulnerable to attacks that could allow remote code execution—allowing an attacker to gain access to the data on the device and to other systems on the hospital network—and denial of service. The systems hosting the software could then be used to stage wider attacks on hospital networks.

Four parts of the software in NeuroWorks are vulnerable to buffer overflows that could be used by an attacker remotely accessing the system to drop commands into the memory of the console with crafted network packets. Another vulnerability allows a remote attacker to execute a denial of service attack against EEG devices. Natus has issued a patch for the bugs. Unfortunately, based on the previous history of vulnerable medical devices, it's likely that these systems will remain in use—unpatched—by hundreds of hospitals.

Crypto-ransomware attacks on hospitals over the past two years have heightened awareness of the dangers to many systems and shown how porous hospital networks really are. Hollywood Presbyterian and other hospitals were forced by ransomware attacks to turn away emergency room patients and shift back to paper charts while recovering from the attacks. Ransomware could affect many medical devices' embedded systems as well, since they are frequently based on older operating systems and are at even greater risk from malware or automated remote attack. And some devices that have been identified as being dangerously exposed to attacks have stayed in use despite warnings to hospitals from the United States Food and Drug Administration.


China unveils tax breaks that will exempt semiconductor companies from paying corporate taxes for up to 5 years starting Jan. 1, amid rising US trade…

Bloomberg: China unveils tax breaks that will exempt semiconductor companies from paying corporate taxes for up to 5 years starting Jan. 1, amid rising US trade tensions. China said it cut taxes for semiconductor makers, lending new support for the pivotal industry just as U.S. President Donald Trump weighs tariffs …


Two former backup drivers for Uber’s self-driving cars say long, monotonous, solitary work hours and a false sense of security jeopardized safety…

Laura Bliss / CityLab: Two former backup drivers for Uber's self-driving cars say long, monotonous, solitary work hours and a false sense of security jeopardized safety. The first time Ryan Kelley lifted his hands off the wheel of a self-driving Uber, he felt like he'd landed a role in a dress rehearsal for the future.


Baltimore’s 911 system, Boeing join Atlanta in week of crypto-malware outbreaks

Ransomware took Baltimore's 911 system offline on March 24 and 25 as the city's IT department worked to isolate and restore the computer-assisted dispatch network. (credit: Kim Hairston/Baltimore Sun/TNS via Getty Images)

Last Friday, the City of Atlanta was struck by a ransomware attack that took much of the city's internal and external services offline. As of today, many of those services have been restored, but two public portals remain offline. On Saturday, the automated dispatch network for Baltimore's 911 system was also taken offline by an apparent ransomware attack. And yesterday, Boeing's Charleston facility—which manufactures components for Boeing's 777 and other commercial jets, and for the Air Force's KC-46 tanker—was struck by what was initially reported to be WannaCry malware.

While it is not clear at this point if these attacks are related in any way, the vulnerability of both businesses and government agencies—particularly local governments—to these sorts of attacks has been continuously demonstrated over the past few years. Even as organizations have moved to deal with the vulnerabilities that were exploited in the first waves of ransomware and ransomware-lookalike attacks, the attackers have modified their tactics to find new ways into networks, exploiting even fleeting gaps in defenses to gain a destructive foothold.

Baltimore's 911 emergency weekend

In the case of the Baltimore 911 system, the type of ransomware attack is not yet clear, but the city's top information systems official confirmed that Baltimore's computer-aided dispatch (CAD) system was taken offline by ransomware. In a release emailed to Ars Technica, Baltimore Chief Information Officer and Chief Digital Officer Frank Johnson said that the CAD network was shut down over the weekend "due to 'ransomware' perpetrators" and that the city's IT team was able to "isolate the breach to the CAD network itself." Systems connected to the CAD network, including systems at the Baltimore City Police Department, were taken offline to prevent the spread of the ransomware.


Apple says student accounts through schools will now get 200GB of iCloud storage for free, up from 5GB (Michael Potuck/9to5Mac)

Michael Potuck / 9to5Mac: Apple says student accounts through schools will now get 200GB of iCloud storage for free, up from 5GB. Apple has shared during its education event in Chicago today that student accounts through schools will now get 200GB of iCloud storage for free, a considerable bump from the current 5GB …


Apple unveils Schoolwork app, which lets teachers assign handouts and track progress of their students, coming in June; apps can integrate using…

Jacob Kastrenakes / The Verge: Apple unveils Schoolwork app, which lets teachers assign handouts and track progress of their students, coming in June; apps can integrate using ClassKit. Apple is making a big push into education, and part of that is through apps. At its event today, the company announced a tool called Schoolwork …


Report: Zuckerberg will testify before Congress (Axios)

Axios: Report: Zuckerberg will testify before Congress. CNN's Dylan Byers reports that Mark Zuckerberg will testify before Congress under oath "within a matter of weeks," according to unidentified Facebook sources. The company is working on a strategy for the testimony now as pressure to appear has become too intense to ignore.
