Cisco patches Vulnerability-related.PatchVulnerability a severe flaw in switch deployment software that can be attacked with crafted messages sent to a port that 's open by default . Cisco has released Vulnerability-related.PatchVulnerability patches for 34 vulnerabilities mostly affecting Vulnerability-related.DiscoverVulnerability its IOS and IOS XE networking software , including three critical remote code execution security bugs . Perhaps the most serious issue Cisco has released Vulnerability-related.PatchVulnerability a patch for is critical bug CVE-2018-0171 affecting Vulnerability-related.DiscoverVulnerability Smart Install , a Cisco client for quickly deploying new switches for Cisco IOS Software and Cisco IOS XE Software . A remote unauthenticated attacker can exploit a flaw in the client to reload an affected device and cause a denial of service or execute arbitrary code . Embedi , the security firm that found Vulnerability-related.DiscoverVulnerability the flaw , initially believed it could only be exploited Vulnerability-related.DiscoverVulnerability within an enterprise 's network . However , it found Vulnerability-related.DiscoverVulnerability millions of affected devices exposed on the internet . `` Because in a securely configured network , Smart Install technology participants should not be accessible through the internet . But scanning the internet has shown that this is not true , '' wrote Embedi . `` During a short scan of the internet , we detected 250,000 vulnerable devices and 8.5 million devices that have a vulnerable port open . '' Smart Install is supported by a broad range of Cisco routers and switches . The high number of devices with an open port is probably because the Smart Install client 's port TCP 4786 is open by default . This situation is overlooked by network admins , Embedi said . The company has also published Vulnerability-related.DiscoverVulnerability proof-of-concept exploit code , so it probably will be urgent for admins to patch Vulnerability-related.PatchVulnerability . An attacker can exploit the bug by sending Attack.Phishing a crafted Smart Install message to these devices on TCP port 4786 , according to Cisco . Embedi discovered Vulnerability-related.DiscoverVulnerability the flaw last year , landing it an award at the GeekPwn conference in Hong Kong last May , and reported Vulnerability-related.DiscoverVulnerability it to Cisco in September . Cisco 's internal testing also turned up Vulnerability-related.DiscoverVulnerability a critical issue in its IOS XE software , CVE-2018-0150 , due to an undocumented user account that has a default username and password . Cisco warns Vulnerability-related.DiscoverVulnerability that an attacker could use this account to remotely connect to a device running the software . Cisco engineers also found Vulnerability-related.DiscoverVulnerability CVE-2018-0151 , a remote code execution bug in the QoS subsystem of IOS and IOS XE . `` The vulnerability is due to incorrect bounds checking of certain values in packets that are destined for UDP port 18999 of an affected device . An attacker could exploit this vulnerability by sending malicious packets to an affected device , '' writes Cisco . All three bugs were given a CVSS score of 9.8 out of 10 .

A privilege escalation flaw in McAfee 's True Key software remains open to exploitation despite multiple attempts to patch Vulnerability-related.PatchVulnerability it . This according to researchers with security shop Exodus Intel , who claim Vulnerability-related.DiscoverVulnerability that CVE-2018-6661 was not fully addressed Vulnerability-related.PatchVulnerability with either of the two patches McAfee released Vulnerability-related.PatchVulnerability for it . The flaw is an elevation of privilege issue in McAfee 's TrueKey password manager . An exploit can be carried out on a guest account by side-loading a specially-crafted DLL into True Key that would then allow for commands and code to be executed with system-level privileges . McAfee 's summary of the flaw , published Vulnerability-related.DiscoverVulnerability on March 30 , lists it as a 'high ' severity issue that was patched Vulnerability-related.PatchVulnerability in version 4.20.110 - which was released Vulnerability-related.PatchVulnerability in April . Exodus says that the April release did n't fully fix Vulnerability-related.PatchVulnerability the bug , however . The researchers explain that McAfee 's patch only addresses Vulnerability-related.PatchVulnerability one of the libraries ( SDKLibAdapter ) that would allow the attack to take place , with another DLL ( NLog logging library ) being left vulnerable Vulnerability-related.DiscoverVulnerability to the same side-loading tactic . `` The patch is incomplete because it overlooks this and hence the nlog.dll can be utilized to allow arbitrary code execution just as the McAfee.TrueKey.SDKLibAdapter.dll could be used in versions prior to the patch , '' Exodus researchers Omar El-Domeiri and Gaurav Baruah said . `` Furthermore , any other McAfee signed binary can be used to exploit the vulnerability as long as the binary depends on a DLL outside the list of known DLLs . '' Exodus said Vulnerability-related.DiscoverVulnerability that it notified Vulnerability-related.DiscoverVulnerability McAfee of the issue back in August , prompting Vulnerability-related.PatchVulnerability a second patch that , unfortunately , also failed to fully remedy Vulnerability-related.PatchVulnerability the issue . `` However , we tested the latest version available ( 5.1.173.1 as of September 7th , 2018 ) and found Vulnerability-related.DiscoverVulnerability that it remains vulnerable Vulnerability-related.DiscoverVulnerability requiring no changes to our exploit . '' To its credit , McAfee acknowledged Vulnerability-related.DiscoverVulnerability the issue and said it is still working to fully resolve Vulnerability-related.PatchVulnerability the flaw . `` McAfee has been working with the researchers to confirm Vulnerability-related.DiscoverVulnerability their findings , and has provided customers mitigation guidance to allow them to protect themselves until the company can address Vulnerability-related.PatchVulnerability the reported issues via automatic product updates , '' McAfee told The Register . In the meantime , McAfee says customers can use the True Key browser extension ( which is not subject to the DLL vulnerability ) rather than the Windows application .

A week ago the Moodle developers released Vulnerability-related.PatchVulnerability updates for the still supported branches of the platform : 3.2.2 , 3.1.5 , 3.0.9 and 2.7.19 . The release notes mentioned that `` a number of security related issues were resolved Vulnerability-related.PatchVulnerability , '' but did n't provide any additional details about their nature or impact . The severity of the flaws became apparent Vulnerability-related.DiscoverVulnerability Monday , when security researcher Netanel Rubin , who found Vulnerability-related.DiscoverVulnerability the vulnerabilities , published Vulnerability-related.DiscoverVulnerability a detailed blog post about them . They do n't seem too critical on their own , but when combined , they allow attackers to create hidden administrative accounts and execute malicious PHP code on the underlying server . The exploit takes advantage of some false assumptions made by the developers , which Rubin described as a logic flaw , an Object Injection , a double SQL injection , and an overly permissive administrative dashboard . The logic issue stems from the reimplementation of a certain function without taking into account decisions made by the original function 's developers . According to the researcher , it is the result of `` having too much code , too many developers and lacking documentation . '' `` Keep in mind that logical vulnerabilities can and will occur in almost all systems featuring a large code base , '' Rubin said . `` Security issues in large code bases is , of course , not Moodle specific . '' Gaining administrative privileges on the Moodle platform is not only dangerous because attackers could install a PHP backdoor by uploading malicious plug-ins or templates , but also because Moodle installations store sensitive and private information about students taking online courses

The IAAF said in a statement the hacking group known as Fancy Bear , which has been linked by western governments and security experts to a Russian spy agency blamed for some of the cyber operations that marred the 2016 U.S. election , was believed to be behind the attack of medical records in February . The hack targeted information concerning applications by athletics for Therapeutic Use Exemptions , the IAAF said . Athletes who had applied for TUEs since 2012 have been contacted and IAAF president , Sebastian Coe , apologized . ” Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential , ” Coe said in the statement . “ They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation ” . TUEs are issued by sports federations and national anti-doping organizations to allow athletes to take certain banned substances for verified medical needs . The IAAF said that data on athlete TUEs was “ collected Attack.Databreach from a file server and stored on a newly created file ” . “ The attack by Fancy Bear , also known as APT28 , was detected during a proactive investigation carried out by cyber incident response ( CIR ) firm Context Information Security , ” the IAAF said . Private security firms and U.S. officials have said Fancy Bear works primarily on behalf of the GRU , Russia ’ s military intelligence agency . Fancy Bear could not be immediately reached for comment . The group and other Russian hackers were behind the cyber attacks during the U.S. presidential election last year that were intended to discredit Democratic candidate Hillary Clinton and help Donald Trump , a Republican , win , according to U.S. intelligence agencies . It was not known if the information was stolen Attack.Databreach from the network , the IAAF said , but the incident was “ a strong indication of the attackers ’ interest and intent , and shows they had access Attack.Databreach and means to obtain Attack.Databreach content from this file at will ” . The attack was uncovered after British company Context Information Security conducted a investigation of the IAAF ’ s systems at the request of the athletics body . Context Information Security said in a separate statement that it was a “ sophisticated intrusion ” and that “ the IAAF have understood the importance and impact of the attack and have provided us comprehensive assistance ” . Last year , Fancy Bear hacked Attack.Databreach into the World Anti-Doping Agency ( WADA ) database and published Attack.Databreach the confidential medical records of several dozen athletes . Those included cyclist Bradley Wiggins , the 2012 Tour de France winner and Britain ’ s most decorated Olympian with eight medals , who was revealed to have used TUEs before some races . Wiggins retired last year under something of a cloud after it was revealed he took corticosteroid triamcinolone for asthma , although he broke no anti-doping rules . The IAAF banned Russia ’ s athletics federation after a WADA commission report found evidence of state-sponsored doping . Almost all Russia ’ s athletes missed the track and field events at the Rio Olympics last year and are likely to also miss the world athletics championships in London in August

A group known as the Shadow Brokers published Vulnerability-related.DiscoverVulnerability on Good Friday a set of confidential hacking tools used by the NSA to exploit Vulnerability-related.DiscoverVulnerability software vulnerabilities in Microsoft Windows software . According to Fortune , Microsoft announced Vulnerability-related.PatchVulnerability on the same day that it had patched Vulnerability-related.PatchVulnerability the vulnerabilities related to the NSA leak Attack.Databreach . It was especially important that the company moved quickly since juvenile hackers — also known as script kiddies — were expected to be active over the holiday weekend while defenders were away . The threat was the latest and , according to security experts , the most damaging set of stolen documents published Attack.Databreach by the Shadow Brokers , which is believed to be tied to the Russian government . Experts say Vulnerability-related.DiscoverVulnerability the leak , which was mostly lines of computer code , was made up of a variety of “ zero-day exploits ” that can infiltrate Windows machines and then be used for espionage , vandalism or document theft . The group also published Attack.Databreach another set of documents that show that the NSA penetrated the SWIFT banking network in the Middle East . “ There appears to be at least several dozen exploits , including zero-day vulnerabilities , in this release . Some of the exploits even offer a potential ‘ God mode ’ on select Windows systems . A few of the products targeted include Lotus Notes , Lotus Domino , IIS , SMB , Windows XP , Windows 8 , Windows Server 2003 and Windows Server 2012 , ” said Cris Thomas , a strategist at Tenable Network Security . The Shadow Brokers have been threatening the U.S. government for some time but until last Friday had not released anything critical . There is speculation that this document dump Attack.Databreach could be retaliation by Russia ( if the hackers are indeed tied to the country ) in response to recent U.S. military actions .

A group known as the Shadow Brokers published Vulnerability-related.DiscoverVulnerability on Good Friday a set of confidential hacking tools used by the NSA to exploit Vulnerability-related.DiscoverVulnerability software vulnerabilities in Microsoft Windows software . According to Fortune , Microsoft announced Vulnerability-related.PatchVulnerability on the same day that it had patched Vulnerability-related.PatchVulnerability the vulnerabilities related to the NSA leak Attack.Databreach . It was especially important that the company moved quickly since juvenile hackers — also known as script kiddies — were expected to be active over the holiday weekend while defenders were away . The threat was the latest and , according to security experts , the most damaging set of stolen documents published Attack.Databreach by the Shadow Brokers , which is believed to be tied to the Russian government . Experts say Vulnerability-related.DiscoverVulnerability the leak , which was mostly lines of computer code , was made up of a variety of “ zero-day exploits ” that can infiltrate Windows machines and then be used for espionage , vandalism or document theft . The group also published Attack.Databreach another set of documents that show that the NSA penetrated the SWIFT banking network in the Middle East . “ There appears to be at least several dozen exploits , including zero-day vulnerabilities , in this release . Some of the exploits even offer a potential ‘ God mode ’ on select Windows systems . A few of the products targeted include Lotus Notes , Lotus Domino , IIS , SMB , Windows XP , Windows 8 , Windows Server 2003 and Windows Server 2012 , ” said Cris Thomas , a strategist at Tenable Network Security . The Shadow Brokers have been threatening the U.S. government for some time but until last Friday had not released anything critical . There is speculation that this document dump Attack.Databreach could be retaliation by Russia ( if the hackers are indeed tied to the country ) in response to recent U.S. military actions .

A group known as the Shadow Brokers published Vulnerability-related.DiscoverVulnerability on Good Friday a set of confidential hacking tools used by the NSA to exploit Vulnerability-related.DiscoverVulnerability software vulnerabilities in Microsoft Windows software . According to Fortune , Microsoft announced Vulnerability-related.PatchVulnerability on the same day that it had patched Vulnerability-related.PatchVulnerability the vulnerabilities related to the NSA leak Attack.Databreach . It was especially important that the company moved quickly since juvenile hackers — also known as script kiddies — were expected to be active over the holiday weekend while defenders were away . The threat was the latest and , according to security experts , the most damaging set of stolen documents published Attack.Databreach by the Shadow Brokers , which is believed to be tied to the Russian government . Experts say Vulnerability-related.DiscoverVulnerability the leak , which was mostly lines of computer code , was made up of a variety of “ zero-day exploits ” that can infiltrate Windows machines and then be used for espionage , vandalism or document theft . The group also published Attack.Databreach another set of documents that show that the NSA penetrated the SWIFT banking network in the Middle East . “ There appears to be at least several dozen exploits , including zero-day vulnerabilities , in this release . Some of the exploits even offer a potential ‘ God mode ’ on select Windows systems . A few of the products targeted include Lotus Notes , Lotus Domino , IIS , SMB , Windows XP , Windows 8 , Windows Server 2003 and Windows Server 2012 , ” said Cris Thomas , a strategist at Tenable Network Security . The Shadow Brokers have been threatening the U.S. government for some time but until last Friday had not released anything critical . There is speculation that this document dump Attack.Databreach could be retaliation by Russia ( if the hackers are indeed tied to the country ) in response to recent U.S. military actions .

The mysterious group that claims to have stolen digital weapons once used by the National Security Agency published Attack.Databreach a trove of active Microsoft Windows software exploits on Thursday . The code dump Attack.Databreach , accompanied by a farewell message written in broken English by the enigmatic group the Shadow Brokers , confirms claims implicit in an earlier post Sunday . While the prior message showed filenames , directories and screenshots — implying the existence of these capabilities — along with an associated price tag , today ’ s download provides functional code . Of the 61 files provided in total in the newly released set , only one had ever been catalogued by anti-virus databases , based on a VirusTotal scan conducted earlier Thursday morning . The files contain user mode and kernel mode modules . Notably , the one tool effectively recognized by the virus scanner avoided detection from Malwarebytes , Panda , Comodo and Fortinet products , said Rendition Infosec founder Jake Williams . In their supposed final message , the ShadowBrokers say they are “ making [ an ] exit ” and “ going dark ” — although an associated bitcoin wallet will remain open for new bids . The group claims it will come out of hiding to provide the remaining stolen hacking tools only upon receiving 10,000 bitcoin , or $ 8.13 million worth of the anonymous currency . Cybersecurity experts tell CyberScoop the exploits are outdated because they are designed to work against old versions of Microsoft operating systems . “ This dump contains Windows Implants and not Unix tools , reinforcing the insider theory . And the outdated Windows target of those implants reinforce the opinion that Shadow Brokers only has old dirt , ” said Matt Suiche , founder of United Arab Emirates-based cybersecurity startup Comae Technologies . “ There is no reason to have all the tools of every platforms etc . The exploits can be understood as highly advanced hacking tools that were likely developed and deployed by a sophisticated adversary , like an intelligence service , explained Michael Zeberlein , director of intelligence analysis with Area 1 Security . “ They ’ re basically enterprise class IT infrastructure and systems management functions applied in an offensive fashion . They would help you get very granular control of computers and servers running in an enterprise environment , an entire organization , ” Zeberlein told CyberScoop . “ Really , these tools provide incredible capability ” . “ There ’ s no doubt that this is Equation Group ’ s stuff based on old reporting , ” said Zeberlein . A meticulous analysis associated with Sunday ’ s blog post suggests that the leaked information likely came Attack.Databreach from an insider , rather than a hacker with access Attack.Databreach to a compromised attack server , based on file configurations , CyberScoop first reported . “ Attackers and defenders around the globe will be reverse engineering these to repurpose [ attacks ] and create defenses , ” Williams said . “ This data , it ’ s a big deal … because it includes information related to client and server components , which will basically help [ intelligence analysts ] trace old breaches back to the Equation Group , ” a former U.S. intelligence official told CyberScoop on the condition of anonymity . The Shadow Brokers first emerged Vulnerability-related.DiscoverVulnerability on social media in August by similarly dumping operational code for a cohort of old firewall exploits that targeted vulnerabilities in Cisco , Fortinet and Juniper Networks products . Because the source code for these firewall exploits was provided in a public forum , random hackers began using the tools themselves . “ While we can not surmise the attacker ’ s [ Shadow Brokers ] identity or motivation nor where or how this pilfered trove came to be , we can state that several hundred tools from the leak Attack.Databreach share a strong connection with our previous findings from the Equation Group , ” Kaspersky Lab researchers , many of whom originally helped identify Equation Group ’ s existence in 2015 , wrote in a company blog post in August . The Equation Group is believed to have ties to the NSA

The technical details of security vulnerabilities impacting Vulnerability-related.DiscoverVulnerability the Nvidia Video and an Android driver have been revealed Vulnerability-related.DiscoverVulnerability by Zimperium , which acquired the flaws as part of an exploit acquisition program . On Tuesday , Zimperium zLabs researchers published Vulnerability-related.DiscoverVulnerability a blog post detailing the security flaws , two escalation of privilege bugs found Vulnerability-related.DiscoverVulnerability within the NVIDIA Video driver and MSM Thermal driver . The Nvidia bug , CVE-2016-2435 , impacts Vulnerability-related.DiscoverVulnerability Android 6.0 on the Nexus 9 handset . The problem arises Vulnerability-related.DiscoverVulnerability when attackers craft an application to tamper with read/write memory values and force privilege escalation . The second security flaw , CVE-2016-2411 , involves Vulnerability-related.DiscoverVulnerability a Qualcomm power management kernel driver , the MSM Thermal driver , in Android version 6 . If an attacker crafts a malicious application , they can give themselves root access through an internal bug in the driver , leading to privilege escalation . These bugs are well documented Vulnerability-related.DiscoverVulnerability , known Vulnerability-related.DiscoverVulnerability , and for the most part security updates have been issued Vulnerability-related.PatchVulnerability . However , Zimperium says Vulnerability-related.DiscoverVulnerability that making the technical details available of these so-called Vulnerability-related.DiscoverVulnerability `` N-day '' flaws is important and can act as a catalyst to boost the speed of patch production and to iron out problems arriving between a patch being created Vulnerability-related.PatchVulnerability and vendors distributing Vulnerability-related.PatchVulnerability the update in good time . In February , Zimperium launched Vulnerability-related.DiscoverVulnerability an N-day acquisition program which is only interested in known security problems , rather than unknown and unpatched zero-days . Over the next year , the exploit purchaser is budgeting a total of $ 1.5 million to pick up the details on these exploits . Once a bug has been discovered Vulnerability-related.DiscoverVulnerability and a fix is being worked on Vulnerability-related.PatchVulnerability , an N-day exploit indicates a time of one or more days in which user systems can be compromised until a security update is issued Vulnerability-related.PatchVulnerability . `` By focusing on N-days , or patched vulnerabilities , Zimperium is applying pressure on the mobile ecosystem to re-think how and when users receive Vulnerability-related.PatchVulnerability security updates , '' the company said at the time . `` [ The ] program will reward the hard work of researchers who would n't otherwise receive compensation for an N-day exploit . ''

Users of open source webmail software SquirrelMail are open to remote code execution due to a bug ( CVE-2017-7692 ) discovered Vulnerability-related.DiscoverVulnerability independently by two researchers . “ If the target server uses Sendmail and SquirrelMail is configured to use it as a command-line program , it ’ s possible to trick sendmail into using an attacker-provided configuration file that triggers the execution of an arbitrary command , ” the explanation provided by MITRE reads . “ For exploitation , the attacker must upload a sendmail.cf file as an email attachment , and inject the sendmail.cf filename with the -C option within the ‘ Options > Personal Informations > Email Address ’ setting. ” The bug was found Vulnerability-related.DiscoverVulnerability by researchers Filippo Cavallarin and Dawid Golunski , independently of one another , and affects SquirrelMail versions 1.4.22 and below . Golunski reported Vulnerability-related.DiscoverVulnerability it to SquirrelMail ( sole ) developer Paul Lesniewski , who asked for a delay of publication of the details until he could fix Vulnerability-related.PatchVulnerability the flaw . But as Cavallarin published Vulnerability-related.DiscoverVulnerability details about it last week ( after not receiving any reply by the SquirrelMail developer ) , Golunski did the same during the weekend . Both researchers provided Vulnerability-related.DiscoverVulnerability a proof-of-concept exploit for the flaw , and Cavallarin even offered Vulnerability-related.PatchVulnerability an unofficial patch for plugging Vulnerability-related.PatchVulnerability the hole . All this prompted Lesniewski to push out Vulnerability-related.PatchVulnerability a patch on Monday , and new , patched version snapshots of the software ( 1.4.23-svn and 1.5.2-svn ) . He also told The Register that exploitation of the bug is difficult to pull off . “ In order to exploit the bug , a malicious user would need to have already gained control over a mail account by other means , SquirrelMail would need to be configured to allow users to change their outgoing email address ( we recommend keeping this disabled ) , the user would need to determine the location of the attachments directory ( by gaining shell access or making guesses ) , the permissions on said directory and files would need to allow access by other processes ( by default this will usually be the case , but prudent admins will exert more stringent access controls ) and of course , SquirrelMail needs to be configured to send via Sendmail and not SMTP ( default is SMTP ) , ” he explained . Still , according to Golunski , the 1.4.23 version snapshot offered Vulnerability-related.PatchVulnerability on Monday was still vulnerable Vulnerability-related.DiscoverVulnerability . But another one was pushed out Vulnerability-related.PatchVulnerability today , so it ’ s possible that the issue was finally , definitely fixed Vulnerability-related.PatchVulnerability . Users can wait to update their installation until things become more clear , and in the meantime , they can protect themselves by configuring their systems not to use Sendmail .

This is part of an ongoing Motherboard series on the proliferation of phone cracking technology , the people behind it , and who is buying it . Motherboard has obtained 900 GB of data related to Cellebrite , one of the most popular companies in the mobile phone hacking industry . The cache includes customer information , databases , and a vast amount of technical data regarding Cellebrite 's products . The breach Attack.Databreach is the latest chapter in a growing trend of hackers taking matters into their own hands , and stealing Attack.Databreach information from companies that specialize in surveillance or hacking technologies . Cellebrite is an Israeli company whose main product , a typically laptop-sized device called the Universal Forensic Extraction Device ( UFED ) , can rip data Attack.Databreach from thousands of different models of mobile phones . That data can include SMS messages , emails , call logs , and much more , as long as the UFED user is in physical possession of the phone . Cellebrite is popular with US federal and state law enforcement , and , according to the hacked data , possibly also with authoritarian regimes such as Russia , the United Arab Emirates , and Turkey . The cache includes alleged usernames and passwords for logging into Cellebrite databases connected to the company 's my.cellebrite domain . This section of the site is used by customers to , among other things , access new software versions . In the majority of cases , this was not possible because the email address was already in use . A customer included in the data confirmed some of their details . The dump also contains what appears to be evidence files from seized mobile phones , and logs from Cellebrite devices . According to the hacker , and judging by timestamps on some of the files , some of the data may have been pulled Attack.Databreach from Cellebrite servers last year . `` Cellebrite recently experienced unauthorized access to an external web server , '' the company said in a statement on Thursday after Motherboard informed it of the breach . `` The company is conducting an investigation to determine the extent of the breach . The impacted server included a legacy database backup of my.Cellebrite , the company 's end user license management system . The company had previously migrated to a new user accounts system . Presently , it is known that the information accessed includes basic contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users who have not yet migrated to the new system , '' the statement continues . Cellebrite advised customers to change their passwords as a precaution , and added that it is working with relevant authorities to assist in their investigation . Access to Cellebrite 's systems has been traded among a select few in IRC chat rooms , according to the hacker . `` To be honest , had it not been for the recent stance taken by Western governments no one would have known but us , '' the hacker told Motherboard . The hacker expressed disdain for recent changes in surveillance legislation . In 2014 a hacker calling themselves `` PhineasFisher '' publicly released 40GB of data from surveillance company Gamma International . Gamma makes intrusion software that can remotely switch on a target 's webcam , siphon off Attack.Databreach their emails , and much more . The following year , PhineasFisher targeted Italian company Hacking Team , and published Attack.Databreach a trove of emails and other internal documents from the company . Although the terms of this Cellebrite breach Attack.Databreach are somewhat different—the hacker has not dumped Attack.Databreach the files online for anyone to download—similarities seem to remain , especially in the hacker 's vigilante motivation .

The vulnerability was discovered Vulnerability-related.DiscoverVulnerability by researchers from the hacking collective the Exploiteers ( formerly GTVHacker ) , who have found Vulnerability-related.DiscoverVulnerability vulnerabilities in the Samsung SmartCam devices in the past . The flaw allows for command injection through a web script , even though the vendor has disabled the local web-based management interface in these devices . The Samsung SmartCam is a series of cloud-enabled network security cameras that were originally developed by Samsung Techwin . Samsung sold this division to South Korean business conglomerate Hanwha Group in 2015 and the company was renamed Hanwha Techwin . In response to vulnerabilities reported in Vulnerability-related.DiscoverVulnerability the web-based management interface of various SmartCam models over the past few years , Hanwha Techwin decided to completely disable the local administration panel and only allow users to access the cameras through the accompanying smartphone app and its My SmartCam cloud service . The Exploiteers researchers recently analyzed the Samsung SmartCam SNH-1011 and noticed that while accessing the web interface over the local network was no longer possible , the web server was still running on the device and hosted some PHP scripts related to a video monitoring system called iWatch . One of these scripts allows users to update the iWatch software by uploading a file , but has a vulnerability that stems from improper sanitization of the file name . The flaw can be exploited Vulnerability-related.DiscoverVulnerability by unauthenticated attackers to inject shell commands that will then be executed by the web server running with root privileges . `` The iWatch Install.php vulnerability can be exploited Vulnerability-related.DiscoverVulnerability by crafting a special filename which is then stored within a tar command passed to a php system ( ) call , '' the researchers explained Vulnerability-related.DiscoverVulnerability in a blog post Saturday . `` Because the web-server runs as root , the filename is user supplied , and the input is used without sanitization , we are able to inject our own commands within to achieve root remote command execution . '' While the flaw was found Vulnerability-related.DiscoverVulnerability in the SNH-1011 model , the researchers believe that it affects the entire Samsung SmartCam series . Ironically the vulnerability can be exploited Vulnerability-related.DiscoverVulnerability to turn on the disabled web management interface , whose removal was criticized by some users . The Exploiteers published Vulnerability-related.DiscoverVulnerability a proof-of-concept exploit that does just that .

Details on serious vulnerabilities in a number of routers freely distributed by a major Thai ISP were published on Vulnerability-related.DiscoverVulnerability Monday after private disclosures Vulnerability-related.DiscoverVulnerability made to the vendors in July went unanswered . Researcher Pedro Ribeiro of Agile Information Security found Vulnerability-related.DiscoverVulnerability accessible admin accounts and command injection vulnerabilities in ZyXel and Billion routers distributed by TrueOnline , Thailand ’ s largest broadband company . Ribeiro said Vulnerability-related.DiscoverVulnerability he disclosed Vulnerability-related.DiscoverVulnerability the vulnerabilities through Beyond Security ’ s SecuriTeam Secure Disclosure Program , which contacted the affected vendors last July . Ribeiro published Vulnerability-related.DiscoverVulnerability a proof of concept exploit yesterday as well . Ribeiro told Vulnerability-related.DiscoverVulnerability Threatpost he ’ s unsure whether TrueOnline introduced Vulnerability-related.DiscoverVulnerability the vulnerabilities as it adds its own customization to the routers , or whether they came from the respective manufacturers . A ZyXel representative told Threatpost the router models are no longer supported and would not comment on whether patches were being developed Vulnerability-related.PatchVulnerability . A request for comment from Billion was not returned in time for publication . The commonality between the routers appears to be that they ’ re all based on the TC3162U system-on-a-chip manufactured by TrendChip . Affected routers are the ZyXel P660HN-T v1 and P660HN-T v2 , and Billion 5200 W-T , currently in distribution to TrueOnline customers . The TC3162U chips run two different firmware variants , one called “ ras ” which includes the Allegro RomPage webserver vulnerable to the Misfortne Cookie attacks , and the other called tclinux . The tclinux variant contains the vulnerabilities found Vulnerability-related.DiscoverVulnerability by Ribeiro , in particular several ASP files , he said Vulnerability-related.DiscoverVulnerability , are vulnerable Vulnerability-related.DiscoverVulnerability to command injection attacks . He also cautions that they could be also vulnerable to Misfortune Cookie , but he did not investigate this possibility . “ It should be noted that tclinux contains files and configuration settings in other languages ( for example in Turkish ) . Therefore it is likely that these firmware versions are not specific to TrueOnline , and other ISP customised routers in other countries might also be vulnerable , ” Ribeiro said in his advisory . “ It is also possible that other brands and router models that use the tclinux variant are also affected Vulnerability-related.DiscoverVulnerability by the command injection vulnerabilities ( the default accounts are likely to be TrueOnline specific ) ” . In addition to Ribeiro ’ s proof-of-concept , Metasploit modules are available Vulnerability-related.DiscoverVulnerability for three of the vulnerabilities . Most of the vulnerabilities can be exploited Vulnerability-related.DiscoverVulnerability remotely , some without authentication . “ These vulnerabilities are present in the web interface . The default credentials are part of the firmware deployed by TrueOnline and they are authorized to perform remote access over the WAN , ” Ribeiro said . “ Due to time and lab constraints I was unable to test whether these routers expose the web interface over the WAN , but given the credentials , it is likely ” . The ZyXel P660HN-T v1 router is vulnerable Vulnerability-related.DiscoverVulnerability to an unauthenticated command injection attack that can be exploited remotely . Ribeiro said Vulnerability-related.DiscoverVulnerability he found Vulnerability-related.DiscoverVulnerability the vulnerability in the remote system log forwarding function , specifically in the ViewLog.asp page . V2 of the same router contains Vulnerability-related.DiscoverVulnerability the same vulnerability , but can not be exploited Vulnerability-related.DiscoverVulnerability without authentication , he said . “ Unlike in the P660HN-Tv1 , the injection is authenticated and in the logSet.asp page . However , this router contains a hardcoded supervisor password that can be used to exploit this vulnerability , ” Ribeiro said . “ The injection is in the logSet.asp page that sets up remote forwarding of syslog logs , and the parameter vulnerable to injection is the serverIP parameter ” . The Billion 5200W-T is also vulnerable Vulnerability-related.DiscoverVulnerability to unauthenticated and authenticated command injection attacks ; the vulnerability was found Vulnerability-related.DiscoverVulnerability in its adv_remotelog.asp page . “ The Billion 5200W-T router also has several other command injections in its interface , depending on the firmware version , such as an authenticated command injection in tools_time.asp ( uiViewSNTPServer parameter ) , ” Ribeiro said . It should be noted that this router contains several hardcoded administrative accounts that can be used to exploit this vulnerability ” . Ribeiro said default and weak admin credentials were found on the all of the versions and were accessible remotely . The researcher said it ’ s unknown whether the routers can be patched remotely . “ Again , given the existence of default credentials that have remote access , it is likely that it is possible to update the firmware remotely , ” Ribeiro said . Most of iBall baton routers in India are also vulnerable Vulnerability-related.DiscoverVulnerability to unauthenticated and authenticated command injection attack , i have reason to believe default and weak admin credentials are on the all of the versions and were accessible remotely . i Have I “ Ball WRA150N ” ADSL2+ iBall baton Router.And IBall is never accepting not even taking response to complains and request for latest firmware patches . ASUS patched Vulnerability-related.PatchVulnerability a bug that allowed attackers to pair two vulnerabilities to gain direct router access and execute commands as root . Thanks to Meltdown and Spectre , January has already been an extremely busy month of patching Vulnerability-related.PatchVulnerability for Microsoft .

IP cameras manufactured by Chinese vendor Fosscam are riddled Vulnerability-related.DiscoverVulnerability with security flaws that allow an attacker to take over the device and penetrate your network . The issues came to light yesterday when Finnish cyber-security firm F-Secure published Vulnerability-related.DiscoverVulnerability its findings after Fosscam failed to answer bug reports Vulnerability-related.DiscoverVulnerability and patch Vulnerability-related.PatchVulnerability its firmware . Below is a list of 18 vulnerabilities researchers discovered Vulnerability-related.DiscoverVulnerability in Fosscam IP cameras : The variety of issues F-Secure researchers discovered Vulnerability-related.DiscoverVulnerability means there are multiple ways an attacker can hack one of these devices and use it for various operations . `` For example , an attacker can view the video feed , control the camera operation , and upload and download files from the built-in FTP server , '' F-Secure says. `` They can stop or freeze the video feed , and use the compromised device for further actions such as DDoS or other malicious activity . '' `` If the device is in a corporate local area network , and the attacker gains access to the network , they can compromise the device and infect it with a persistent remote access malware . The malware would then allow the attacker unfettered access to the corporate network and the associated resources , '' researchers added . F-Secure researchers say Vulnerability-related.DiscoverVulnerability all these vulnerabilities have been confirmed Vulnerability-related.DiscoverVulnerability in Fosscam C2 models , but also in Opticam i5 , an IP camera sold by another vendor , but based on a white-label Fosscam device . In fact , researchers suspect that Fosscam has sold the vulnerable IP camera model as a white-label product , which other companies bought , plastered their logo on top , and resold as their own devices . F-Secure says it identified 14 other vendors that sell Fosscam made cameras , but they have not tested their products as of yet . F-Secure recommends that network administrators remove any Fosscam made IP camera from their network until the Chinese company patches Vulnerability-related.PatchVulnerability its firmware .

Are you such a video game fanatic that you simply can ’ t wait to get your paws on sneak previews of upcoming hit titles ? If so , your fervour may be fuelling the criminal activities of an unnamed group of who have targeted a developer of highly popular video games . Best known for developing The Witcher series of role-playing video games , CD Projekt Red took to Twitter to announce that it had been approached by extortionists who claimed to have stolen Attack.Databreach files from the company , including “ documents connected to early designs for the upcoming game , Cyberpunk 2077. ” CD Projekt Red says it will not pay the ransom being demanded Attack.Ransom by the thieves , who are threatening to release the stolen files to the general public : “ We will not be giving in to the demands Attack.Ransom of the individual or individuals that have contacted us , which might eventually lead to the files being published online . The appropriate legal authorities will be informed about the situation. ” “ The documents are old and largely unrepresentative of the current vision for the game . Still , if you ’ re looking forward to playing Cyberpunk 2077 , it would be best for you to avoid any information not coming directly from CD PROJEKT RED. ” I applaud CD Projekt Red ’ s refusal to pay a ransom Attack.Ransom . Paying Attack.Ransom extortionists always runs the risk of encouraging blackmailers to strike again , putting not just your own company but others at further risk . No release date has yet been announced by the Polish game studio for Cyberpunk 2077 , which has been in development for years and is keenly anticipated by the game maker ’ s fans . For CD Projekt RED , the danger is not just whether assets belonging to the game leaking Attack.Databreach into the public domain mess up its marketing strategy . There is also the risk that the gaming community will be unimpressed with any sneak previews of early versions of the game stolen Attack.Databreach by the hackers , and puncture the hype machine . Recent months have seen a rise in attacks Attack.Ransom where hackers have threatened to release a company ’ s intellectual property onto the net unless a ransom is paid Attack.Ransom . A month ago , for instance , The Dark Overlord hacking group attempted to blackmail money Attack.Ransom out of Netflix , before deciding to leak as-yet unaired episodes of hit TV show “ Orange is the New Black. ” The same hacking group has previously published Attack.Databreach 180,000 medical records – including insurance and social security numbers , dates of birth , and payment information – after healthcare firms refused to give in to their demands Attack.Ransom . Most recently , a chain of cosmetic surgeries in Lithuania warned that hackers were threatening to release the personal details of clients , including photographs . Readers with longer memories may recall that in September 2003 , a German hacker leaked Attack.Databreach the source code of the game Half-Life 2 onto the internet , much to the delight of internet users who had become fed up with waiting for the long-awaited video game . It doesn ’ t matter that it ’ s not credit card data or passwords that are being stolen Attack.Databreach – theft is theft Attack.Databreach . Just because it ’ s a video game ’ s plans and designs that are being held for ransom Attack.Ransom by the hackers doesn ’ t make any difference . The threat is real – and could have a commercial impact on the game ’ s producer . CD Projekt Red should be applauded for being so transparent about what has happened , as it ’ s easy to imagine many firms would rather sweep bad news like this under the carpet . What we need now is for game fanatics to exercise some patience and self-control , and resist the urge to hunt out a game before the manufacturer is ready to release it officially themselves .

As of June 2016 , more than 150 million active users interact with one another daily via Snapchat . Others are drawn by the service 's more recent features . Those include Snapcash , a method introduced for users to send mobile payments to their friends . Given the app 's popularity , it 's no wonder online criminals have set their sights on hacking users ' Snapchat accounts . For instance , back in late 2013 , a group of hackers published Attack.Databreach a database containing the usernames and phone numbers of approximately 4.6 million Snapchat users . Nefarious individuals could have used that information to profile targets across multiple web accounts . We also ca n't forget about the security incident Attack.Phishing that occurred back in February 2016 . In that attack Attack.Phishing , someone posed as Attack.Phishing the company 's CEO and convinced a Snapchat employee to send over payroll information . The successful phish ultimately compromised Attack.Databreach dozens of employees ' identities . To be fair , a mega breach on the scale of what affected LinkedIn , Tumblr , and Yahoo has yet to strike the messaging app . But that 's not to say criminals are n't trying to find a way into people 's accounts . Hackers clearly have Snapchat in their sights , which is why users need to learn how to spot the warning signs of a hack and how they can recover their accounts if someone compromises them .