Technology companies are starting to respond to a new Wi-Fi exploit affecting Vulnerability-related.DiscoverVulnerability all modern Wi-Fi networks using WPA or WPA2 encryption . The security vulnerabilities allow attackers to read Wi-Fi traffic between devices and wireless access points , and in some cases even modify it to inject malware into websites . Security researchers claim Vulnerability-related.DiscoverVulnerability devices running macOS , Windows , iOS , Android , and Linux will be affected Vulnerability-related.DiscoverVulnerability by the vulnerabilities . Microsoft says it has already fixed Vulnerability-related.PatchVulnerability the problem for customers running supported versions of Windows . “ We have released Vulnerability-related.PatchVulnerability a security update to address Vulnerability-related.PatchVulnerability this issue , ” says a Microsoft spokesperson in a statement to The Verge . “ Customers who apply Vulnerability-related.PatchVulnerability the update , or have automatic updates enabled , will be protected . We continue to encourage customers to turn on automatic updates to help ensure they are protected. ” Microsoft says the Windows updates released Vulnerability-related.PatchVulnerability on October 10th protect customers , and the company “ withheld disclosure Vulnerability-related.DiscoverVulnerability until other vendors could develop and release Vulnerability-related.PatchVulnerability updates. ” While it looks like Android and Linux devices are affected Vulnerability-related.DiscoverVulnerability by the worst part of the vulnerabilities , allowing attackers to manipulate websites , Google has promised Vulnerability-related.PatchVulnerability a fix for affected devices “ in the coming weeks. ” Google ’ s own Pixel devices will be the first to receive Vulnerability-related.PatchVulnerability fixes with security patch level of November 6 , 2017 , but most other handsets are still well behind even the latest updates . Security researchers claim Vulnerability-related.DiscoverVulnerability 41 percent of Android devices are vulnerable Vulnerability-related.DiscoverVulnerability to an “ exceptionally devastating ” variant of the Wi-Fi attack that involves manipulating traffic , and it will take time to patch Vulnerability-related.PatchVulnerability older devices . The Verge has reached out to a variety of Android phone makers to clarify when security patches will reach Vulnerability-related.PatchVulnerability handsets , and we ’ ll update you accordingly . At the time of writing , Apple has not yet clarified Vulnerability-related.DiscoverVulnerability whether the latest versions of macOS and iOS are vulnerable Vulnerability-related.DiscoverVulnerability . The Wi-Fi Alliance , a network of companies responsible for Wi-Fi , has responded to the disclosure Vulnerability-related.DiscoverVulnerability of the vulnerabilities . “ This issue can be resolved Vulnerability-related.PatchVulnerability through straightforward software updates , and the Wi-Fi industry , including major platform providers , has already started deploying Vulnerability-related.PatchVulnerability patches to Wi-Fi users , ” says a Wi-Fi Alliance spokesperson . “ Users can expect all their Wi-Fi devices , whether patched or unpatched Vulnerability-related.PatchVulnerability , to continue working well together. ” Apple also confirmed to both The Verge and AppleInsider that the vulnerability is patched Vulnerability-related.PatchVulnerability in a beta version of the current operating systems . The fix should go public Vulnerability-related.PatchVulnerability in a few weeks , so iOS and macOS devices are n't in the clear just yet . AppleInsider also reports that AirPort hardware , including the Time Machine , AirPort Extreme base station , and AirPort Express do not have a patch . The publication 's source also was n't sure if one was in the works .

Technology companies are starting to respond to a new Wi-Fi exploit affecting Vulnerability-related.DiscoverVulnerability all modern Wi-Fi networks using WPA or WPA2 encryption . The security vulnerabilities allow attackers to read Wi-Fi traffic between devices and wireless access points , and in some cases even modify it to inject malware into websites . Security researchers claim Vulnerability-related.DiscoverVulnerability devices running macOS , Windows , iOS , Android , and Linux will be affected Vulnerability-related.DiscoverVulnerability by the vulnerabilities . Microsoft says it has already fixed Vulnerability-related.PatchVulnerability the problem for customers running supported versions of Windows . “ We have released Vulnerability-related.PatchVulnerability a security update to address Vulnerability-related.PatchVulnerability this issue , ” says a Microsoft spokesperson in a statement to The Verge . “ Customers who apply Vulnerability-related.PatchVulnerability the update , or have automatic updates enabled , will be protected . We continue to encourage customers to turn on automatic updates to help ensure they are protected. ” Microsoft says the Windows updates released Vulnerability-related.PatchVulnerability on October 10th protect customers , and the company “ withheld disclosure Vulnerability-related.DiscoverVulnerability until other vendors could develop and release Vulnerability-related.PatchVulnerability updates. ” While it looks like Android and Linux devices are affected Vulnerability-related.DiscoverVulnerability by the worst part of the vulnerabilities , allowing attackers to manipulate websites , Google has promised Vulnerability-related.PatchVulnerability a fix for affected devices “ in the coming weeks. ” Google ’ s own Pixel devices will be the first to receive Vulnerability-related.PatchVulnerability fixes with security patch level of November 6 , 2017 , but most other handsets are still well behind even the latest updates . Security researchers claim Vulnerability-related.DiscoverVulnerability 41 percent of Android devices are vulnerable Vulnerability-related.DiscoverVulnerability to an “ exceptionally devastating ” variant of the Wi-Fi attack that involves manipulating traffic , and it will take time to patch Vulnerability-related.PatchVulnerability older devices . The Verge has reached out to a variety of Android phone makers to clarify when security patches will reach Vulnerability-related.PatchVulnerability handsets , and we ’ ll update you accordingly . At the time of writing , Apple has not yet clarified Vulnerability-related.DiscoverVulnerability whether the latest versions of macOS and iOS are vulnerable Vulnerability-related.DiscoverVulnerability . The Wi-Fi Alliance , a network of companies responsible for Wi-Fi , has responded to the disclosure Vulnerability-related.DiscoverVulnerability of the vulnerabilities . “ This issue can be resolved Vulnerability-related.PatchVulnerability through straightforward software updates , and the Wi-Fi industry , including major platform providers , has already started deploying Vulnerability-related.PatchVulnerability patches to Wi-Fi users , ” says a Wi-Fi Alliance spokesperson . “ Users can expect all their Wi-Fi devices , whether patched or unpatched Vulnerability-related.PatchVulnerability , to continue working well together. ” Apple also confirmed to both The Verge and AppleInsider that the vulnerability is patched Vulnerability-related.PatchVulnerability in a beta version of the current operating systems . The fix should go public Vulnerability-related.PatchVulnerability in a few weeks , so iOS and macOS devices are n't in the clear just yet . AppleInsider also reports that AirPort hardware , including the Time Machine , AirPort Extreme base station , and AirPort Express do not have a patch . The publication 's source also was n't sure if one was in the works .

A zero-day vulnerability present in Vulnerability-related.DiscoverVulnerability security cameras and surveillance equipment using Nuuo software is thought to impact Vulnerability-related.DiscoverVulnerability hundreds of thousands of devices worldwide . Researchers from cybersecurity firm Tenable disclosed Vulnerability-related.DiscoverVulnerability the bug , which has been assigned as CVE-2018-1149 . The vulnerability can not get much more serious , as it allows attackers to remotely execute code in the software , the researchers said in a security advisory on Monday . Nuuo , describing itself as a provider of `` trusted video management '' software , offers a range of video solutions for surveillance systems in industries including transport , banking , government , and residential areas . Dubbed `` Peekaboo , '' the zero-day stack buffer overflow vulnerability , when exploited Vulnerability-related.DiscoverVulnerability , allows threat actors to view and tamper with video surveillance recordings and feeds . It is also possible to use the bug to steal Attack.Databreach data including credentials , IP addresses , port usage , and the make & models of connected surveillance devices . Such a security vulnerability has wide-reaching , real-world consequences -- as criminals could compromise a surveillance camera feed , replace the footage with a static image , and raid a premises , for example . In addition , the bug could be used to fully disable cameras and surveillance products . Peekaboo specifically impacts Vulnerability-related.DiscoverVulnerability the NVRMini 2 NAS and network video recorder , which acts as a hub for connected surveillance products . When exploited , the product permitted access to the control management system ( CMS ) interface , which further exposes credentials of all connected video surveillance cameras connected to the storage system . Speaking to ZDNet , Gavin Millard , VP of threat intelligence at Tenable , said that organizations all over the world use Nuuo software , including in shopping centers , hospitals , banks , and public areas . However , therein lies the problem -- as the software is also white labeled to over 100 brands and 2,500 camera product lines . Tenable disclosed Vulnerability-related.DiscoverVulnerability the zero-day vulnerability to Nuuo . A patch has not been released Vulnerability-related.PatchVulnerability , but Nuuo is currently developing Vulnerability-related.PatchVulnerability a fix for deployment . A plugin has also been released Vulnerability-related.PatchVulnerability by Tenable for organizations to assess whether or not they are vulnerable Vulnerability-related.DiscoverVulnerability to Peekaboo . ZDNet has reached out to Nuuo and will update if we hear back .

The Bitcoin Core developers recently fixed Vulnerability-related.PatchVulnerability a major vulnerability in the Bitcoin ( BTC ) network ’ s ( client ) codebase . Explaining the potentially serious nature of the software bug , which is tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-17144 and classified as a denial-of-service ( DoS ) attack , Casaba Security co-founder Jason Glassberg said Vulnerability-related.DiscoverVulnerability : “ [ It ] can take down the network. ” Glassberg also told Vulnerability-related.DiscoverVulnerability ZDNet the vulnerability in the Bitcoin Core codebase “ would [ have ] affected transactions in the sense that they can not be completed , but does not appear to open up a way to steal or manipulate wallets. ” Denial-of-Service ( DoS ) , 51 % Attacks The Bitcoin Core client software is used by BTC miners to validate transactions on the cryptocurrency ’ s blockchain and the recent vulnerability found Vulnerability-related.DiscoverVulnerability in its source code could have been used to intentionally crash bitcoin ’ s full-node operators . Although not logistically feasible , this particular software bug could have been remotely exploited Vulnerability-related.DiscoverVulnerability by an attacker to launch a 51 % attack in which one entity controls the majority of the hashing ( or computing ) power of a cryptocurrency network . Advisory Notice , Critical Patch Released Vulnerability-related.PatchVulnerability In most cases , a bad actor has orchestrated a 51 % attack in order to manipulate transactions on a cryptocurrency ’ s blockchain for financial gains . At present , it would cost approximately $ 490,000 to launch such an attack ( for 1 hour ) on the Bitcoin network , according to Crypto51 . However , if the recent Bitcoin Core software bug had not been patched Vulnerability-related.PatchVulnerability , a bad actor could have initiated a 51 % attack on the cryptocurrency ’ s network at a considerably lower cost . The Bitcoin Core developers posted Vulnerability-related.DiscoverVulnerability an advisory notice ( on September 19th ) regarding this DoS vulnerability . Users of Bitcoin Core have been instructed to upgrade Vulnerability-related.PatchVulnerability to version 0.16.3 of the software . Previous versions ( 0.14.0 to 0.16.3 ) of the client contain the DoS vulnerability . Bitcoin Knots , one of at least 96 bitcoin forks to date , was considered vulnerable Vulnerability-related.DiscoverVulnerability as well and its client software was patched Vulnerability-related.PatchVulnerability . `` Copycat '' Cryptos Are At Risk Notably , the CVE-2018-17144 vulnerability could have also affected Vulnerability-related.DiscoverVulnerability the litecoin ( LTC ) network but its client has received Vulnerability-related.PatchVulnerability a patch . Commenting on the serious nature of these software bugs , Cornell computer science professor Emin Gün Sirer said Vulnerability-related.DiscoverVulnerability : “ Copycat currencies are at risk ” - meaning that all bitcoin forks are vulnerable Vulnerability-related.DiscoverVulnerability to the attack . The Turkish-American cryptographer , who identified Vulnerability-related.DiscoverVulnerability critical vulnerabilities in Ethereum ’ s codebase before its network was hit with the DAO attack , was referring to all the currently 69 active bitcoin forks that could still be exploited Vulnerability-related.DiscoverVulnerability with a 51 % attack as their clients might still not have received Vulnerability-related.PatchVulnerability a patch and are not as secure as bitcoin network due to their smaller size . In fact , Crypto51 has estimated it would only cost $ 122 to launch a 51 % attack on the Bitcoin Private ( BTCP ) network . However , this estimate has not been confirmed by another source .

A security researcher has published Vulnerability-related.DiscoverVulnerability details of a vulnerability in a popular cloud storage drive after the company failed to issue Vulnerability-related.PatchVulnerability security patches for over a year . Remco Vermeulen found Vulnerability-related.DiscoverVulnerability a privilege escalation bug in Western Digital ’ s My Cloud devices , which he said Vulnerability-related.DiscoverVulnerability allows an attacker to bypass the admin password on the drive , gaining “ complete control ” over the user ’ s data . The exploit works because drive ’ s web-based dashboard doesn ’ t properly check a user ’ s credentials before giving a possible attacker access to tools that should require higher levels of access . The bug was “ easy ” to exploit , Vermeulen told TechCrunch in an email , and was remotely exploitable if a My Cloud device allows remote access over the internet — which thousands of devices do . He posted a proof-of-concept video on Twitter . Details of the bug were also independently found Vulnerability-related.DiscoverVulnerability by another security team , which released its own exploit code . Vermeulen reported Vulnerability-related.DiscoverVulnerability the bug over a year ago , in April 2017 , but said the company stopped responding . Normally , security researchers give 90 days for a company to respond , in line with industry-accepted responsible disclosure guidelines . After he found Vulnerability-related.DiscoverVulnerability that WD updated Vulnerability-related.PatchVulnerability the My Cloud firmware in the meanwhile without fixing Vulnerability-related.PatchVulnerability the vulnerability he found Vulnerability-related.DiscoverVulnerability , he decided to post Vulnerability-related.DiscoverVulnerability his findings . A year later , WD still hasn’t released Vulnerability-related.PatchVulnerability a patch . The company confirmed Vulnerability-related.DiscoverVulnerability that it knows Vulnerability-related.DiscoverVulnerability of the vulnerability but did not say why it took more than a year to issue Vulnerability-related.PatchVulnerability a fix . “ We are in the process of finalizing a scheduled firmware update that will resolve Vulnerability-related.PatchVulnerability the reported issue , ” a spokesperson said , which will arrive Vulnerability-related.PatchVulnerability “ within a few weeks. ” WD said Vulnerability-related.DiscoverVulnerability that several of its My Cloud products are vulnerable Vulnerability-related.DiscoverVulnerability — including the EX2 , EX4 and Mirror , but not My Cloud Home . In the meantime , Vermeulen said that there ’ s no fix and that users have to “ just disconnect ” the drive altogether if they want to keep their data safe .

Thousands , if not more , Jenkins servers are vulnerable Vulnerability-related.DiscoverVulnerability to data theft , takeover , and cryptocurrency mining attacks . This is because hackers can exploit two vulnerabilities to gain admin rights or log in using invalid credentials on these servers . Both vulnerabilities were discovered Vulnerability-related.DiscoverVulnerability by security researchers from CyberArk , were privately reported Vulnerability-related.DiscoverVulnerability to the Jenkins team , and received Vulnerability-related.PatchVulnerability fixes over the summer . But despite patches for both issues , there are still thousands of Jenkins servers available Vulnerability-related.PatchVulnerability online . Jenkins is a web application for continuous integration built in Java that allows development teams to run automated tests and commands on code repositories based on test results , and even automate the process of deploying new code to production servers . Jenkins is a popular component in many companies ' IT infrastructure and these servers are very popular with both freelancers and enterprises alike . Over the summer , CyberArk researchers discovered Vulnerability-related.DiscoverVulnerability a vulnerability ( tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-1999001 ) that allows an attacker to provide malformed login credentials that cause Jenkins servers to move their config.xml file from the Jenkins home directory to another location . If an attacker can cause the Jenkins server to crash and restart , or if he waits for the server to restart on its own , the Jenkins server then boots in a default configuration that features no security . In this weakened setup , anyone can register on the Jenkins server and gain administrator access . With an administrator role in hand , an attacker can access private corporate source code , or even make code modifications to plant backdoors in a company 's apps . This lone issue would have been quite bad on its own , but CyberArk researchers also discovered Vulnerability-related.DiscoverVulnerability a second Jenkins vulnerability -- CVE-2018-1999043 . This second bug , they said Vulnerability-related.DiscoverVulnerability , allowed an attacker to create ephemeral user records in the server 's memory , allowing an attacker a short period when they could authenticate using ghost usernames and credentials . Both vulnerabilities were fixed Vulnerability-related.PatchVulnerability , the first in July and the second in August , but as we 've gotten accustomed to in the past few years of covering security flaws , not all server owners have bothered to install these security updates .

Cisco has plugged Vulnerability-related.PatchVulnerability two severe vulnerabilities affecting Vulnerability-related.DiscoverVulnerability its Digital Network Architecture ( DNA ) Center software . Appliances running Cisco 's DNA Center software before Release 1.1.4 are vulnerable Vulnerability-related.DiscoverVulnerability to an authentication bypass that could allow a remote attacker to `` take complete control '' of its identity management functions . Network admins can use the DNA Center interface to add new devices to the network and manage them based on enterprise policies . DNA Center is part of Cisco 's toolkit for internet-based networking . Lax security restrictions on key DNA management functions mean an attacker could send a valid identity management request to an affected system and then change existing system users or create new users , according to Cisco . The flaw , which is tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-0448 , is rated critical and has a Common Vulnerability Scoring System ( CVSS ) v 3.0 rating of 9.8 out of 10 . It 's fixed Vulnerability-related.PatchVulnerability in release 1.1.4 and later and since there are no workarounds , admins will need to update Vulnerability-related.PatchVulnerability to these releases to fix Vulnerability-related.PatchVulnerability the bug . Cisco also fixed Vulnerability-related.PatchVulnerability another critical DNA Center flaw , CVE-2018-15386 , which could give a remote attacker direct access to core management functions . An attacker could exploit the bug by directly connecting to exposed Attack.Databreach DNA Center services and from there obtain Attack.Databreach or change critical system files . This bug is due to insecure default configurations affecting Vulnerability-related.DiscoverVulnerability DNA Center release 1.1 Again , there are no workarounds for the bug , so admins will need to update Vulnerability-related.PatchVulnerability to release 1.2 and later . Both flaws were found Vulnerability-related.DiscoverVulnerability during internal testing . Cisco is not aware of any exploits in the wild for the flaws . Cisco has also fixed Vulnerability-related.PatchVulnerability a critical flaw affecting Vulnerability-related.DiscoverVulnerability Cisco Prime Infrastructure ( PI ) that could let a remote attacker upload any file they wishwithout requiring authentication . The file could be used to execute commands . On PI , Trivial File Transfer Protocol ( TFTP ) is enabled by default and accessible from the web interface , which an attacker could use toupload a malicious file . Customers should check Cisco 's advisory to determine whether they 're running a fixed release . It also has workarounds for some releases . The flaw was reported Vulnerability-related.DiscoverVulnerability by independent security researcher Pedro Ribeiro through Beyond Security 's SecuriTeam Secure Disclosure program . Beyond Security notes in its detailed report about the PI issue that Ribeiro identified Vulnerability-related.DiscoverVulnerability two flaws but only one was fixed Vulnerability-related.PatchVulnerability in Cisco 's patch . `` The first vulnerability is a file-upload vulnerability that allows the attacker to upload and execute JSP files as the Apache Tomcat user . '' `` The second vulnerability is a privilege escalation to root by bypassing execution restrictions in a SUID binary . `` From our assessment the provided fix only addresses Vulnerability-related.PatchVulnerability the file uploading part of the exploit , not the file inclusion , the ability to execute arbitrary code through it or the privileges escalation issue that the product has . '' Cisco also released Vulnerability-related.PatchVulnerability patches for 33 more high- and medium-severity flaws affecting Vulnerability-related.DiscoverVulnerability WebEx , SD-WAN products , and its ASA security appliances .

Cisco has released Vulnerability-related.PatchVulnerability fixes for 34 flaws in its software , including 24 that affect Vulnerability-related.DiscoverVulnerability its FXOS software for Firepower firewalls and NX-OS software for Nexus switches . Cisco 's June updates include fixes for five critical arbitrary code execution vulnerabilities affecting Vulnerability-related.DiscoverVulnerability FXOS and NX-OS and 19 high-rated flaws affecting Vulnerability-related.DiscoverVulnerability the software . Four of the critical flaws affect Vulnerability-related.DiscoverVulnerability FXOS and NX-OS Cisco Fabric Services , while the fifth one affects Vulnerability-related.DiscoverVulnerability the NX-API feature of NX-OS . All have a CVSS v3 score of 9.8 out of a maximum of 10 . Cisco Fabric Services facilitate distribution and synchronization of configuration data between Cisco devices on the same network . Some of the flaws allow an unauthenticated , remote attack to execute arbitrary code and one allows an attacker to do so as root . Multiple switches are vulnerable Vulnerability-related.DiscoverVulnerability if they 've been configured to use Cisco Fabric Services , including its Nexus 2000 series through to Nexus 9000 series switches , as well as Cisco 's Firepower 4100 Series Next-Gen Firewalls and other hardware . The insufficient input validation may occur when FXOS and NX-OS process Cisco Fabric Services packets received during distribution and synchronization . There are various ways to exploit each of the flaws , depending on what Cisco Fabric Services distribution types have been configured . For example , if Fibre Channel ports are configured as a distribution type for a device , the attack could occur via Fibre Channel over Ethernet ( FCoE ) or Fibre Channel over IP ( FCIP ) . Cisco has already rolled out Vulnerability-related.PatchVulnerability fixes in some releases of FXOS and NX-OS . Cisco posted a blog this week explaining why it often fixes Vulnerability-related.PatchVulnerability bugs in IOS and NX-OS releases before disclosing Vulnerability-related.DiscoverVulnerability them in an advisory . It 's a practice that appears to cause confusion for customers wondering why it has n't told them fixed code has been available Vulnerability-related.PatchVulnerability for several months before it discloses Vulnerability-related.DiscoverVulnerability them . Cisco 's answer is that some flaws affect Vulnerability-related.DiscoverVulnerability more than 50 versions of its software . `` There have been some questions as to why creating Vulnerability-related.PatchVulnerability fixes and releasing Vulnerability-related.PatchVulnerability updates can take several weeks , or sometimes even months , before an advisory is published , '' Cisco 's Customer Assurance Security Programs team wrote . `` In some cases , there is a large number of supported software versions to be updated . The number of affected versions that will be updated Vulnerability-related.PatchVulnerability can range from single digits to nearly 50 or more . We are committed to issuing Vulnerability-related.PatchVulnerability fixes for every one of those supported versions . '' `` If we disclosed Vulnerability-related.DiscoverVulnerability the vulnerability after only fixing Vulnerability-related.PatchVulnerability one release , we would unnecessarily expose all customers running Vulnerability-related.PatchVulnerability other releases to potential exploitation once details about the attack itself became public . '' There are also 10 medium-severity flaws , including one that affects Vulnerability-related.DiscoverVulnerability some WebEx endpoints due to an already disclosed flaw in Nvidia 's Tegra TX1 chips .

Cisco has resolved Vulnerability-related.PatchVulnerability a set of critical vulnerabilities in Policy Suite which permit attackers to cause havoc in the software 's databases . This week , the tech giant released Vulnerability-related.PatchVulnerability a security advisory detailing four vulnerabilities which could place enterprise users at risk of information leaks , account compromise , database tampering , and more . The first vulnerability , CVE-2018-0374 , has earned a CVSS base score of 9.8 . Described as Vulnerability-related.DiscoverVulnerability an unauthenticated bypass bug , the security flaw `` could allow an unauthenticated , remote attacker to connect directly to the Policy Builder database , '' according to Cisco . The bug has been caused by a simple lack of authentication and as there is no requirement for identity verification , Policy Builder databases can be accessed and tampering with without limitation . Cisco Policy Suite releases prior to 18.2.0 are affected Vulnerability-related.DiscoverVulnerability . The second vulnerability , CVE-2018-0375 , is a default password error . The CVSS 9.8 bug is present in Vulnerability-related.DiscoverVulnerability the Cluster Manager of Cisco Policy Suite and could allow an unauthenticated , remote attacker to log in to a vulnerable system using a root account . The serious security problem has emerged Vulnerability-related.DiscoverVulnerability due to the use of undocumented , static user credentials for root accounts . If a hacker has knowledge of these credentials , they can become a root user and are able to execute arbitrary commands . Versions of the software prior to 18.2.0 are vulnerable Vulnerability-related.DiscoverVulnerability to exploit . The third bug , CVE-2018-0376 , is another unauthenticated access problem and is also caused by a lack of authentication measures . `` A successful exploit could allow the attacker to make changes to existing repositories and create new repositories , '' Cisco says Vulnerability-related.DiscoverVulnerability . Cisco Policy Suite versions prior to 18.2.0 are affected Vulnerability-related.DiscoverVulnerability . The fourth security flaw , CVE-2018-0377 , affects Vulnerability-related.DiscoverVulnerability the Open Systems Gateway initiative ( OSGi ) interface of Cisco Policy Suite . There is a lack of authentication within the OSGi interface which permits attackers to circumvent security processes and directly connect to the interface , access any files contained within they wish , and modify any content which is accessible through the process . This vulnerability impacts Vulnerability-related.DiscoverVulnerability Policy Suite versions prior to 18.1.0 . There are no workarounds to circumvent these vulnerabilities . However , patches have been issued to address Vulnerability-related.PatchVulnerability them and Cisco says that no reports have been received which indicate the bugs are being exploited Vulnerability-related.DiscoverVulnerability in the wild . In addition , Cisco has revealed Vulnerability-related.DiscoverVulnerability seven now-patched bugs affecting Vulnerability-related.DiscoverVulnerability SD-WAN solutions . The vulnerabilities included command injection security flaws , a remote code execution bug , and arbitrary file overwrite issues .

Security biz Qualys has revealed Vulnerability-related.DiscoverVulnerability three vulnerabilities in a component of systemd , a system and service manager used in most major Linux distributions . Patches for the three flaws – CVE-2018-16864 , CVE-2018-16865 , and CVE-2018-16866 – should appear in Vulnerability-related.PatchVulnerability distro repos soon as a result of coordinated disclosure . However , Linux distributions such as Debian remain vulnerable Vulnerability-related.DiscoverVulnerability at the moment , depending on the version you have installed . `` They 're aware Vulnerability-related.DiscoverVulnerability of the issues and they 're releasing Vulnerability-related.PatchVulnerability patches , '' said Jimmy Graham , director of product management at Qualys , in a phone interview with The Register . `` I do n't believe Red Hat has released Vulnerability-related.PatchVulnerability one but it should be coming shortly . '' The bugs were found Vulnerability-related.DiscoverVulnerability in systemd-journald , a part of systemd that handles the collection and storage of log data . The first two CVEs refer to memory corruption flaws while the third involves an out of bounds error that can leak data . CVE-2018-16864 can be exploited Vulnerability-related.DiscoverVulnerability by malware running on a Linux box , or a malicious logged-in user , to crash and potentially hijack the systemd-journald system service , elevating access from user to root . CVE-2018-16865 and CVE-2018-16866 can be exploited Vulnerability-related.DiscoverVulnerability together by a local attacker to crash or hijack the root-privileged journal service . While systemd is n't universally beloved in the Linux community , Graham sees nothing unusual about the presence of the three flaws in the software . `` The noteworthiness to me is that it is very commonly found in most major distributions , '' he said . Qualys contends all systemd-based Linux distros are vulnerable Vulnerability-related.DiscoverVulnerability , though the vulnerabilities can not be exploited Vulnerability-related.DiscoverVulnerability in SUSE Linux Enterprise 15 , openSUSE Leap 15.0 , and Fedora 28 and 29 because their user-land code is compiled with GCC 's -fstack-clash-protection option . The security biz calls it a simplified stack clash – where the size of the stack gets changed to overlap with other memory areas – because it only requires the last two steps in a four step process : Clashing the stack with another memory region , moving the stack-pointer to the stack start , jumping over the stack guard-page into another memory region , and smashing the stack or memory space . The third bug , CVE-2018-16866 , appeared in Vulnerability-related.DiscoverVulnerability June 2015 ( systemd v221 ) and , Qualys says , was fixed Vulnerability-related.PatchVulnerability inadvertently in August 2018 . In code where the flaw still exists Vulnerability-related.DiscoverVulnerability , it could allow an attacker to read out of bounds information , resulting in information leakage . `` The risk [ of these issues ] is a local privilege escalation to root , '' said Graham . `` It 's something that should still be a concern because usually attackers do n't just use one vulnerability to comprise a system . They often chain vulnerabilities together . ''

Researchers have discovered Vulnerability-related.DiscoverVulnerability some serious security flaws threatening Linux . These vulnerabilities exist in Vulnerability-related.DiscoverVulnerability Linux systemd component . According to the researchers , the vulnerabilities pose a risk to all systemd-based Linux distros . Allegedly , researchers at Qualys have disclosed Vulnerability-related.DiscoverVulnerability some bugs targeting the Linux systemd component . Systemd provides the core building blocks for Linux and handles major processes after booting . As revealed Vulnerability-related.DiscoverVulnerability , three vulnerabilities have targeted the systemd-journald , which is responsible for data collection and log storage . The vulnerabilities let an attacker gain root privileges on the target device . The researchers state Vulnerability-related.DiscoverVulnerability that these vulnerabilities threaten all Linux distros based on systemd except a few . As stated in their report , “ To the best of our knowledge , all systemd-based Linux distributions are vulnerable Vulnerability-related.DiscoverVulnerability , but SUSE Linux Enterprise 15 , openSUSE Leap 15.0 , and Fedora 28 and 29 are not exploitable because their user space is compiled with GCC ’ s -fstack-clash-protection. ” The three bugs include two different memory corruption flaws ( CVE-2018-16864 and CVE-2018-16865 ) , and an out-of-bounds flaw ( CVE-2018-16866 ) . At first , the researchers accidentally discovered Vulnerability-related.DiscoverVulnerability CVE-2018-16864 while working on an exploit for a previously disclosed vulnerability , Mutagen Astronomy . Then , when they were busy on its PoC , they spotted Vulnerability-related.DiscoverVulnerability the other two bugs . “ We developed Vulnerability-related.DiscoverVulnerability a proof of concept for CVE-2018-16864 that gains eip control on i386… We developed Vulnerability-related.DiscoverVulnerability an exploit for CVE-2018-16865 and CVE-2018-16866 that obtains a local root shell in 10 minutes on i386 and 70 minutes on amd64 , on average. ” Interestingly , the bugs had been around for quite a few years . For now , Red Hat has patched Vulnerability-related.PatchVulnerability the bugs CVE-2018-16864 and CVE-2018-16865 . Whereas , Debian has fixed Vulnerability-related.PatchVulnerability CVE-2018-16866 in the unstable systemd 240-1 release . Other distros will also supposedly release Vulnerability-related.PatchVulnerability the fixes soon . In November 2018 , a Google researcher also highlighted Vulnerability-related.DiscoverVulnerability a critical flaw in Systemd that induced system crashes and hacks .

Some medical devices , smartphones and internet of things gadgets contain certain types of sensors that are vulnerable Vulnerability-related.DiscoverVulnerability to potential hacking using sound waves , says Vulnerability-related.DiscoverVulnerability cybersecurity researcher Kevin Fu . `` This is now a risk that all manufacturers should be aware of , and in their hazard analysis , it has to be a part of their cybersecurity risk management , '' says Fu , explaining findings of a recent research study conducted by the University of Michigan and the University of South Carolina . The microelectromechanical systems - or MEMS accelerometers - that the research team found Vulnerability-related.DiscoverVulnerability to contain these vulnerabilities - are sensors used in various devices to measure acceleration or velocity , and then report those readings to a microprocessor . `` What we looked at Vulnerability-related.DiscoverVulnerability was the ability to trick these sensors into delivering false readings to the microprocessor by using sound waves , '' he says in an interview with Information Security Media Group . `` What medical devices contain these sensors is still an open question . The main hazard of this sound wave vulnerability is the threat to the integrity and availability of the sensor , he explains Vulnerability-related.DiscoverVulnerability . Prior studies by other researchers had found Vulnerability-related.DiscoverVulnerability that sound waves can be used to disable these sensors . `` What 's new here is that it is now known that one can actually damage the integrity of the reading , '' he says . `` If you were trusting this reading to do something automated , such as rate-adapt a pacemaker , perhaps based on changing activity of a patient , you now need a second way to verify the integrity of that reading . '' The study lists 20 accelerometers for which the researchers were able to change the output of the sensors using sound waves , Fu says . `` In some devices , we found that there is a speaker built in right next to the sensor , which means there is a remote ability to cause these changes without an adversary being near the chip . '' Fu recommends that manufacturers assess the researchers ' list of accelerometers that contain the sound wave vulnerability `` and ask [ suppliers ] for specific parameters , including the resident frequencies , to understand the risks and mitigations .

A broad array of Android phones are vulnerable Vulnerability-related.DiscoverVulnerability to attacks that use booby-trapped Wi-Fi signals to achieve full device takeover , a researcher has demonstrated Vulnerability-related.DiscoverVulnerability . The vulnerability resides in Vulnerability-related.DiscoverVulnerability a widely used Wi-Fi chipset manufactured by Broadcom and used in both iOS and Android devices . Apple patched Vulnerability-related.PatchVulnerability the vulnerability with Monday 's release Vulnerability-related.PatchVulnerability of iOS 10.3.1 . `` An attacker within range may be able to execute arbitrary code on the Wi-Fi chip , '' Apple 's accompanying advisory warned Vulnerability-related.DiscoverVulnerability . In a highly detailed blog post published Vulnerability-related.DiscoverVulnerability Tuesday , the Google Project Zero researcher who discovered Vulnerability-related.DiscoverVulnerability the flaw said Vulnerability-related.DiscoverVulnerability it allowed the execution of malicious code on a fully updated 6P `` by Wi-Fi proximity alone , requiring no user interaction . '' Google is in the process of releasing Vulnerability-related.PatchVulnerability an update in its April security bulletin . The fix is available Vulnerability-related.PatchVulnerability only to a select number of device models , and even then it can take two weeks or more to be available as an over-the-air update to those who are eligible . Company representatives did n't respond to an e-mail seeking comment for this post . The proof-of-concept exploit developed by Project Zero researcher Gal Beniamini uses Wi-Fi frames that contain irregular values . The values , in turn , cause the firmware running on Broadcom 's wireless system-on-chip to overflow its stack . By using the frames to target timers responsible for carrying out regularly occurring events such as performing scans for adjacent networks , Beniamini managed to overwrite specific regions of device memory with arbitrary shellcode . Beniamini 's code does nothing more than write a benign value to a specific memory address . Attackers could obviously exploit the same series of flaws to surreptitiously execute malicious code on vulnerable devices within range of a rogue access point . Besides the specific stack overflow bugs exploited Vulnerability-related.DiscoverVulnerability by the proof-of-concept attack , Beniamini said Vulnerability-related.DiscoverVulnerability a lack of security protections built into many software and hardware platforms made the Broadcom chipset a prime target . `` We ’ ve seen that while the firmware implementation on the Wi-Fi SoC is incredibly complex , it still lags behind in terms of security , '' he wrote . `` Specifically , it lacks all basic exploit mitigations—including stack cookies , safe unlinking and access permission protection ( by means of [ a memory protection unit . ] ) '' The Broadcom chipset contains an MPU , but the researcher found that it 's implemented in a way that effectively makes all memory readable , writeable , and executable . `` We can conveniently execute our code directly from the heap . '' He said that Broadcom has informed him that newer versions of the chipset implement the MPU more effectively and also add unspecified additional security mechanisms . Given the severity of the vulnerability , people with affected Vulnerability-related.DiscoverVulnerability devices should install Vulnerability-related.PatchVulnerability a patch as soon as it 's available . For those with vulnerable iPhones , that 's easy enough . As is all too often the case for Android users , there 's no easy way to get Vulnerability-related.PatchVulnerability a fix immediately , if at all . That 's because Google continues to stagger the release Vulnerability-related.PatchVulnerability of its monthly patch bundle for the minority of devices that are eligible to receive it . At the moment , it 's not clear if there are effective workarounds available for vulnerable devices . Turning off Wi-Fi is one possibility , but as revealed in recent research into an unrelated Wi-Fi-related weakness involving Android phones , devices often relay Wi-Fi frames even when Wi-Fi is turned off

Hundreds of thousands of internet gateway devices around the world , primarily residential cable modems , are vulnerable Vulnerability-related.DiscoverVulnerability to hacking because of a serious weakness in their Simple Network Management Protocol implementation . SNMP is used for automated network device identification , monitoring and remote configuration . It is supported and enabled by default in many devices , including servers , printers , networking hubs , switches and routers . Independent researchers Ezequiel Fernandez and Bertin Bervis recently found Vulnerability-related.DiscoverVulnerability a way to bypass SNMP authentication on 78 models of cable modems that ISPs from around the world have provided to their customers . Their internet scans revealed Vulnerability-related.DiscoverVulnerability hundreds of thousands of devices whose configurations could be changed remotely through the SNMP weakness that they found Vulnerability-related.DiscoverVulnerability and dubbed StringBleed . The leaking Attack.Databreach of sensitive configuration data through the default `` public '' SNMP community string is a known problem that has affected Vulnerability-related.DiscoverVulnerability many devices over the years . The two researchers first located Vulnerability-related.DiscoverVulnerability a small number of vulnerable devices , including the Cisco DPC3928SL cable modem that 's now part of Technicolor 's product portfolio following the company 's acquisition of Cisco 's Connected Devices division in 2015 . The researchers claim Vulnerability-related.DiscoverVulnerability that when they reported Vulnerability-related.DiscoverVulnerability the issue to Technicolor , the company told them that it was the result of an access misconfiguration by a single ISP in Mexico rather than a problem with the device itself . This prompted the researchers to perform a wider internet scan that resulted in the discovery Vulnerability-related.DiscoverVulnerability of 78 vulnerable cable modem models from 19 manufacturers , including Cisco , Technicolor , Motorola , D-Link and Thomson . Regardless of the cause , the problem is serious , as attackers could exploit this flaw to extract administrative and Wi-Fi passwords or to hijack devices by modifying their configurations . There 's not much that users can do if their ISP supplied them with a vulnerable device , other than ask for a different model or install their own modem . Unfortunately , not many ISPs allow their residential customers to use their own gateway devices , because they want uniformity and remote management capabilities on their networks . Determining if a particular device is vulnerable Vulnerability-related.DiscoverVulnerability to this issue is possible , but requires a bit of work . An online port scanner like ShieldsUp can be used to determine if the device responds to SNMP requests over its public IP address . If SNMP is open , a different online tool can be used to check if the device 's SNMP server returns valid responses when the `` public '' or random community strings are used . At the very least this would indicate an information leak problem .

A zero-day vulnerability exists in Vulnerability-related.DiscoverVulnerability WordPress Core that in some instances could allow an attacker to reset a user ’ s password and gain access to their account . Researcher Dawid Golunski of Legal Hackers disclosed Vulnerability-related.DiscoverVulnerability the vulnerability on Wednesday via his new ExploitBox service . All versions of WordPress , including the latest , 4.7.4 , are vulnerable Vulnerability-related.DiscoverVulnerability , the researcher said . The vulnerability ( CVE-2017-8295 ) happens because WordPress uses what Golunski calls untrusted data by default when it creates a password reset email . In a proof-of-concept writeup , Golunski points out that WordPress uses a variable , SERVER_NAME , to get the hostname to create a From/Return-Path header for the password reset email . Since that variable , by its nature , can be customized , an attacker could insert a domain of his choosing and make it so an outgoing email could be sent to a malicious address , the researcher says . The attacker would then receive the reset email and be able to change the account password and take over . “ Depending on the configuration of the mail server , it may result in an email that gets sent to the victim WordPress user with such malicious From/Return-Path address set in the email headers , ” Golunski wrote . “ This could possibly allow the attacker to intercept the email containing the password reset link in some cases requiring user interaction as well as without user interaction. ” Golunski writes that there are three scenarios in which a user could be tricked Attack.Phishing , and only one of them relies on user interaction . In one , an attacker could perform a denial of service attack on the victim ’ s email account in order to prevent the password reset email from reaching the victim ’ s account . Instead , it could bounce back to the malicious sender address , pointed at the attacker . Second , Golunski says some auto-responders may attach a copy of the email sent in the body of the auto-replied message . Third , by sending multiple password reset emails , he says the attacker could trigger the victim to ask for an explanation , below , which could contain the malicious password link . Golunski said Vulnerability-related.DiscoverVulnerability he reported Vulnerability-related.DiscoverVulnerability the issue to WordPress ’ s security team multiple times , initially more than 10 months ago in July 2016 . The researcher told Threatpost that WordPress never outright rejected his claim – he says WordPress told him it was working on the issue – but acknowledged that too much time has passed without a clear resolution , something which prompted him to release details Vulnerability-related.DiscoverVulnerability on the bug on Wednesday . Campbell said that it ’ s possible WordPress will patch Vulnerability-related.PatchVulnerability the issue , even if just for poorly configured servers , but acknowledged he didn ’ t have a timetable for the fix . Concerned WordPress users should follow a public ticket that was started for the issue last July , Campbell added . While there ’ s no official fix available Vulnerability-related.PatchVulnerability yet , Golunski says users can enable the UseCanonicalName setting on Apache to enforce a static SERVER_NAME value to ensure it doesn ’ t get modified . Golunski has had his hands full finding Vulnerability-related.DiscoverVulnerability vulnerabilities related to PHP-based email platforms . He discovered Vulnerability-related.DiscoverVulnerability a remote code execution bug in SquirrelMail in January that disclosed Vulnerability-related.DiscoverVulnerability and quickly patched Vulnerability-related.PatchVulnerability last month and similar RCE bugs in PHPMailer and SwiftMailer , libraries used to send emails via PHP , at the end of 2016 .

An exploit in the Android operating system means almost 40 percent of users are vulnerable Vulnerability-related.DiscoverVulnerability to screen-hijacking apps , but it is unlikely to be fixed Vulnerability-related.PatchVulnerability until winter . The bug , which was first spotted Vulnerability-related.DiscoverVulnerability by researchers at Check Point , is caused by a development oversight in Android permissions , which in the past required users to manually grant downloaded applications the ability to display content on top of other app panes . However following complaints from users who found it difficult to manually whitelist each app , the Android 6.0.1 'Marshmallow ' update made this process automatic , which was good news for legitimate apps like WhatsApp and Facebook Messenger . It appears that fix has meant apps hiding malicious codes are able to bypass security also being automatically granted the same access , specifically the 'SYSTEM_ALERT_WINDOW ' permission . According to Google 's own statistics , the vulnerability will be active Vulnerability-related.DiscoverVulnerability on close to 40 percent of all Android devices . `` As a temporary solution , Google applied Vulnerability-related.PatchVulnerability a patch in Android version 6.0.1 that allows the Play Store app to grant run-time permissions , which are later used to grant SYSTEM_ALERT_WINDOW permission to apps installed from the app store , '' the Check Point research team explained in a blog post . `` This means that a malicious app downloaded directly from the app store will be automatically granted this dangerous permission . '' This permission is particularly dangerous as it allows an app to display over any other app , without notifying the user . This means apps are able to display fraudulent adverts or links to content hosting malicious code , which are heavily used in banking Trojans . `` It can also be used by ransomware to create a persistent on-top screen that will prevent non-technical users from accessing their devices , '' explained the team . This particular permissions exploit is used by 74 percent of all ransomware , 57 percent of adware and 14 percent of banker malware , according to the report , clearly demonstrating that this is a widespread tactic in the wild . What 's worrying is that Google has stated that a fix will be available Vulnerability-related.PatchVulnerability in time for the release of Android O , which is n't expected until late summer . In the meantime , Check Point has urged users to beware of dodgy-looking apps and to check the comments left by other users . Although the Play Store is able to police the apps being uploaded to its platform , malicious content is repeatedly bypassing security checks . Check Point recently disclosed the discovery of a new malware strain hidden inside game guides hosted on the Play Store , thought to have infected close to two million Android devices over the past seven months .