Palo Alto Networks Experts discovered a new version the wrecker Mirai, dubbed Mukashi. This version uses brute force and various combinations of default credentials, and also penetrates Zyxel's devices to gain control over them and then use them for DDoS attacks. Researchers explain that the Mukashi malware exploits the recently found and fixed vulnerability CVE-2020-9054,…
Tag: devices
More than a billion Android devices do not receive updates – Hacker
British analysts Which?The Consumer Protection Authority has calculated how many Android devices in the world are no longer supported and do not receive security updates. According to researchers, there are more than a billion of them, that is, two out of five Android devices do not receive important security updates from Google, which exposes them…
bug in MediaTek processors threatens millions of devices – Hacker
Google engineers prepared March update set for Android, within the framework of which more than 70 various vulnerabilities were fixed, including critical ones. The critical error CVE-2020-0032 has been fixed at security level 2020-03-01. This set of updates included a total of 11 vulnerabilities in the Media Framework, the framework, and the system itself. The…
Kr00k problem is dangerous for Wi-Fi devices with Broadcom and Cypress chips – Hacker
At the RSA 2020 conference, ESET specialists spoke about the new vulnerabilities Kr00k (CVE-2019-15126), which can be used to intercept and decrypt Wi-Fi traffic (WPA2). According to analysts, any device that uses the solutions of Cypress Semiconductor and Broadcom, from laptops and smartphones to routers and IoT devices, is susceptible to this problem. Experts tested…
Two-factor authentication for Ring and Nest devices made mandatory after recent attacks
In December 2019, the media drew attention to the frequent hacks of smart devices Ring and Nest, during which attackers not only compromised the devices, but also mocked their owners, broadcasting what was happening on the air and creating whole podcasts around it. Most of these hacks were carried out using conventional dictionary attacks or…
SupportAssist Installed on Dell Devices Found Problem Again
Dell developers will again patch the SupportAssist utility preinstalled on most Dell Windows computers. This time, using Dell SupportAssist, it was possible to execute code locally with elevated privileges, and low privileges were required to exploit the vulnerability. The issue has now been fixed with the release of SupportAssist for Business PC version 2.1.4 and…
Critical Vulnerabilities in Cisco Discovery Protocol Threaten Millions of Devices – Hacker
Armis specialists immediately discovered five serious vulnerabilities in the proprietary Cisco Discovery Protocol (CDP). Bugs got a common name Cdpwn. CDP has been in use since the 1990s and allows Cisco devices to exchange information with each other (via multicast messages distributed within the local network). CDP is not very famous, and you can rarely…
FAS has identified a list of Russian applications that will be preinstalled on devices
Federal Antimonopoly Service (FAS) of the Russian Federation developed the concept of a list of applicationsthat will be installed smartphones and other devices intended for sale in our country. Let me remind you that the corresponding law was signed in December 2019, and it will enter into force in several stages, the first of which…