17 zero-day vulnerabilities in smart city systems which could debilitate core services. At the Black Hat conference in Las Vegas on Monday, the cybersecurity firm's X-Force Red team of penetration testers and hackers demonstrated how old-school threats are placing the cities of the future at risk in the present day. Smart city technology spending is predicted to hit $80 billion this year and become as high as $135 billion by 2021. Water and filtration systems, smart lighting, traffic controllers, utilities, and more all become intertwined in smart cities, which aim to make urban living more energy efficient, eco-friendly, and manageable. However, connecting all of these critical elements can have devastating effects should something go wrong -- such as a successful cyberattack. We've already seen the damage which can be caused when threat actors target core country systems, such as in the case of Ukraine's power grid, and unless security is considered every step of the way, every future city will be placed at similar levels of risk. Together with researchers from Threatcare, IBM X-Force Red discovered that smart city systems developed by Libelium, Echelon and Battelle were vulnerable to attack. Libelium is a wireless sensor network hardware manufacturer, while Echelon specializes in industrial IoT, and non-profit Battelle develops and commercializes related technologies. According to IBM X-Force Red researcher Daniel Crowley, out of the 17 previously-unknown vulnerabilities discovered in systems used in four smart cities, eight are deemed critical in severity. Unfortunately, many of the bugs were due to poor, lax security practices -- such as the use of default passwords, authentication bypass, and SQL injections.
In total, the researchers uncovered four instances of critical pre-authentication shell injection flaws in Libelium's wireless sensor network, Meshlium.
Microsoft’s updates for the Meltdown microprocessor mega-flaw inadvertently left users running Windows 7 64-bit systems open to a “way worse” flaw, a researcher has claimed. To recap, Meltdown (aka F**CKWIT or CVE-2017-5754) is a proof-of-concept hardware vulnerability uncovered almost simultaneously by several groups of researchers through which an attacker could access the contents of kernel memory (passwords, encryption keys, say) from the part used by ordinary applications. An extremely inviting target for any attacker, which is why Microsoft sprang into action to mitigate the vulnerability (in addition to BIOS updates from vendors) across different Windows versions in two rounds of updates in January and February. But according to Ulf Frisk, something went awry starting with the January update when applied to Windows 7 and Windows Server 2008 R2, which mis-set the controlling permissions for something called the Page Map Level 4 (PML4). This is a table used by Intel microprocessors to “translate the virtual addresses of a process into physical memory addresses in RAM.” Set correctly, only the kernel should be able to access this table. The result of the issue is that an attacker aware of the flaw would have the ability to break out of the application space and take over a system. All this from a simple software mistake: No fancy exploits were needed. Windows 7 already did the hard work of mapping in the required memory into every running process. Exploitation was just a matter of read and write to already mapped in-process virtual memory. No fancy APIs or syscalls required – just standard read and write!
Troubled browser has once again come under attack, with a flaw discovered in multiple versions of Internet Explorer. Microsoft has been forced to issue an emergency security patch for its Internet Explorer browser. The release came after Google security engineer Clement Lecigne uncovered a critical vulnerability in several versions of Microsoft's browser, which could have been activated simply by directing users to a malicious website. The flaw, known as CVE-2018-8653, affects Internet Explorer 9, 10 and 11, with the update issued to Windows 7, 8.1 and 10 versions, as well as Windows Server 2008, 2012, 2016 and 2019. "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer," Microsoft stated in its support document for the threat. "The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user." The company has issued a fix for the flaw now, outside of its typical Patch Tuesday security cycle, signifying it is a significant threat and should be patched immediately. Microsoft has gradually retired Internet Explorer from public view over the past few years as it focuses on its newer browser Edge, with only customised versions available to certain business users. The company may also be about to pull the plug on Edge as well, with a report recently confirming Microsoft is set to introduce a new browser built on Google's Chromium platform.
A severe WordPress vulnerability which has been left a year without being patched has the potential to disrupt countless websites running the CMS, researchers claim. At the BSides technical cybersecurity conference in Manchester on Thursday, Secarma researcher Sam Thomas said the bug permits attackers to exploit the WordPress PHP framework, resulting in a full system compromise. If the domain permits the upload of files, such as image formats, attackers can upload a crafted thumbnail file in order to trigger a file operation through the "phar://" stream wrapper. In turn, the exploit triggers XML eXternal Entity (XXE) and Server Side Request Forgery (SSRF) flaws which cause unserialization in the platform's code. While these flaws may only originally result in information disclosure and may be low risk, they can act as a pathway to a more serious remote code execution attack. The security researcher says the core vulnerability, which is yet to receive a CVE number, is within the wp_get_attachment_thumb_file function in /wp-includes/post.php, and when attackers gain control of a parameter used in the "file_exists" call, the bug can be triggered. Unserialization occurs when serialized variables are converted back into PHP values. When autoloading is in place, this can result in code being loaded and executed, an avenue attackers may exploit in order to compromise PHP-based frameworks. "Unserialization of attacker-controlled data is a known critical vulnerability, potentially resulting in the execution of malicious code," the company says.
The issue of unserialization was first uncovered back in 2009, and since then, vulnerabilities have been recognized in which the integrity of PHP systems can be compromised, such as CVE-2017-12934, CVE-2017-12933, and CVE-2017-12932. The WordPress content management system (CMS) is used by millions of webmasters to manage domains, which means the vulnerability potentially has a vast victim pool should the flaw be exploited in the wild. "I've highlighted that the unserialization is exposed to a lot of vulnerabilities that might have previously been considered quite low-risk," Thomas explained. "Issues which they might have thought were fixed with a configuration change or had been considered quite minor previously might need to be reevaluated in the light of the attacks I demonstrated." According to Secarma, the CMS provider was made aware of the security issue in February 2017, but "is yet to take action." Technical details have been provided in a white paper (.PDF). "This research continues a worrying recent trend, in demonstrating that object (un)serialization is an integral part of several modern languages," Thomas said. "We must constantly be aware of the security impact of such mechanisms being exposed to attackers." No reports have been received which suggest the exploit is being actively used in the wild. The vulnerability was originally reported through the WordPress HackerOne bug bounty program last year. The issue was confirmed after several days and Thomas was credited for his findings.
However, a Secarma spokesperson told ZDNet that while there was "some attempt to fix the issue" in May 2017, this did not address the problem. "Communication then went dead for a number of months and has only recently begun again," the spokesperson added. ZDNet has reached out to WordPress and will update if we hear back.
There was a caveat to the hack, however—the hijack involved older models of Samsung TVs and required the CIA have physical access to a TV to install the malware via a USB stick. But the window to this sort of hijacking is far wider than originally thought because a researcher in Israel has uncovered 40 unknown vulnerabilities, or zero-days, that would allow someone to remotely hack millions of newer Samsung smart TVs, smart watches, and mobile phones already on the market, as well as ones slated for future release, without needing physical access to them. The security holes are in an open-source operating system called Tizen that Samsung has been rolling out in its devices over the last few years. It already has Tizen running on some 30 million smart TVs, as well as Samsung Gear smartwatches and in some Samsung phones in a limited number of countries like Russia, India and Bangladesh—the company plans to have 10 million Tizen phones in the market this year. Samsung also announced earlier this year that Tizen would be the operating system on its new line of smart washing machines and refrigerators too. But the operating system is riddled with serious security vulnerabilities that make it easy for a hacker to take control of Tizen-powered devices, according to Israeli researcher Amihai Neiderman. But one security hole Neiderman uncovered was particularly critical. It involves Samsung's TizenStore app—Samsung's version of Google Play Store—which delivers apps and software updates to Tizen devices. Neiderman says a flaw in its design allowed him to hijack the software to deliver malicious code to his Samsung TV.
Because the TizenStore software operates with the highest privileges you can get on a device, it's the Holy Grail for a hacker who can abuse it. "You can update a Tizen system with any malicious code you want," he says. Although TizenStore does use authentication to make sure only authorized Samsung software gets installed on a device, Neiderman found a heap-overflow vulnerability that gave him control before that authentication function kicked in. Although researchers have uncovered problems with other Samsung devices in the past, Tizen has escaped extensive scrutiny from the security community, probably because it's not widely used on phones yet. It didn't take long for Neiderman to notice how bad the Tizen code was on his TV, which caused him to purchase a few Tizen phones to see what he could do with them as well. He says much of the Tizen code base is old and borrows from previous Samsung coding projects, including Bada, a previous mobile phone operating system that Samsung discontinued. "You can see that they took all this code and tried to push it into Tizen," Neiderman says. But most of the vulnerabilities he found were actually in new code written specifically for Tizen within the last two years. Many of them are the kind of mistakes programmers were making twenty years ago, indicating that Samsung lacks basic code development and review practices to prevent and catch such flaws. But there's a basic flaw in it whereby it fails to check if there is enough space to write the data, which can create a buffer overrun condition that attackers can exploit. A buffer overrun occurs when the space to which data is being written is too small for the data, causing the data to write to adjacent areas of memory.
They use it on some data transmissions but not others, and usually not on ones that need it most. "They made a lot of wrong assumptions about where they needed encryption," he says, noting that "it's extra work to move between secure connections and unsecure connections." This indicates that they didn't do it inadvertently but were making conscious decisions not to use SSL in those places, he says. Neiderman contacted Samsung months ago to report the problems he found but got only an automated email in response.
Recently we’ve been writing about LastPass more than seems healthy. March saw two rounds of serious flaws made public by Google’s Tavis Ormandy (quickly fixed), which seemed like a lot for a single week. Days ago, news emerged of a new issue (also fixed) in the company’s two-factor/two-step authentication (2FA) security. To coin a phrase, all serious flaws are serious – but some are more serious than others. This one matters for two reasons, only one of which will sound flippant: it wasn’t discovered by Tavis Ormandy, who at times has seemed to be writing a novella on flaw-hunting with the company’s name on it. Another researcher with a taste for LastPass, Martin Vigo, uncovered the latest issue, and it’s the 2FA bit of the story that explains the angst. Two-factor authentication (a term that also refers to more convenient but less secure two-step verification) matters because it is the crown jewels of everyday security, especially for password managers such as LastPass. The flaws are explained by Vigo in a slightly confusing way (one compromise was subsequently shown not to be exploitable) but cover overlapping weaknesses that might under specific circumstances allow 2FA to be bypassed when using Google’s Authenticator and QR codes. Again a user being logged into LastPass at the time of an attack is entirely possible. Significantly, LastPass quickly stopped using the login hash (used to authenticate the master password without having to know it) to retrieve Authenticator’s QR codes, and now sets a Cross-Site Request Forgery (CSRF) token to plug another weakness.
We still don’t know why LastPass has been plagued by so many issues in such a short space of time – perhaps it’s just a big-name target worth researching – but some of these weaknesses appear to be in its design, the result of decisions to do things in a certain way, probably some years in the past.
All those affected are being offered one year of free access to identity theft protection services from CSID. BBC News notes that security researcher Chris Vickery uncovered vulnerabilities in Topps databases back in December of 2015 and June of 2016, but he wasn't able to get a response from the company by email. It's not clear whether the credit card breach was related to the flaws Vickery found. A recent Thales e-Security survey of 1,016 U.S. adults found that fully 88 percent of respondents said they would stop using digital payments if they fell victim to cybercrime as a result of a data breach. Seventy percent said they would stop using digital payments if money was stolen from a linked bank account, 68 percent said they would do so if unauthorized charges appeared on a linked credit card account, and 59 percent said they would do so if their user name and password were stolen. "The mobile payments industry needs to take note that their future success is based on trust," Thales e-Security director of payment strategy Jose Diaz said in a statement. "And that trust can easily fail if they do not provide the strong protection of their infrastructure, transactions and data that customers expect." A separate Thales survey of 1,000 adults in the U.S. and the U.K. recently found that 55 percent of respondents would switch to only using cash at a retailer if they learned that credit card data had been stolen from its systems -- and 20 percent would stop shopping at that retailer altogether.
The Internet Systems Consortium patched the BIND domain name system this week, addressing a remotely exploitable vulnerability it considers high severity and said could lead to a crash. The issue affects servers that use both the DNS64 and RPZ functions simultaneously. DNS64 is a mechanism for synthesizing AAAA records from A records. It’s traditionally used to allow IPv6-only clients to receive IPv6 addresses proxied to IPv4 addresses. The RPZ mechanism is used by Domain Name System recursive resolvers to allow for the customized handling of the resolution of collections of domain name information. Versions 9.8.8, 9.9.3-S1, 9.9.3, 9.9.10b1, 9.10.0, and 9.10.5b1, 9.11.0 are all considered vulnerable, according to the ISC. When servers use both mechanisms simultaneously, a vulnerability (CVE-2017-3135) that stems from query processing could result in an inconsistent state, triggering either an INSIST assertion failure or an attempt to read through a NULL pointer, according to a security advisory published Wednesday. The INSIST assertion failure could lead to a subsequent abort, ISC said, while the NULL pointer in some instances can lead to a segmentation fault, which causes the process to be terminated. Ramesh Damodaran and Aliaksandr Shubnik, engineers at Infoblox, a Silicon Valley firm that does DNS, DHCP and IP management, uncovered the vulnerability and reported it to the ISC. Damodaran previously helped identify an unspecified packet processing remote denial of service vulnerability in BIND 9.
The Internet Systems Consortium patched the BIND domain name system this week, addressing what it calls a critical error condition in the software. Researchers find industrial control system malware similar to BlackEnergy, Havex, and Stuxnet going undetected on Google VirusTotal for years. The Internet Systems Consortium (ISC) announced it is planning to patch versions of its DHCP to mitigate a denial of service vulnerability.