IT and Business Insights for SMB Solution Providers

Jay Ferron's blog

Bluetooth Vulnerability

  Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange.

Overview

Bluetooth firmware or operating system software drivers may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.

Another type of phishing attack

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

Here is a new one that has started to circulate.
__________________________________________

You don't know me and you're thinking why you received this e mail, right?

Keen Security Lab Finds 14 Security Vulnerabilities in BMW Vehicles

The Chinese cybersecurity research team known as Keen Security Lab has disclosed 14 security vulnerabilities affecting a range of BMW vehicles. Eight of the flaws affect the infotainment system, four affect the Telematics Control Unit (TCU), and two affect the Central Gateway Module (CGM). The TCU handles remote communication in the vehicle, such as the ability to unlock the doors remotely.

Read My Mail, Please…

European researchers announced that the popular PGP and S/MIME email encryption standards are vulnerable to attack. Dubbed EFAIL, the flaws are described as vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME. According to the EFAIL website, EFAIL abuses active content of HTML emails to exfiltrate plaintext through requested URLs.

Red Hat DHCP: Gateway to Full Root Access

Red Hat Enterprise Linux (RHEL) is a popular distribution used by many organizations for servers and other network endpoints. Two free versions of the operating system have also branched out of RHEL: Fedora and CentOS. US-CERT issued an alert Wednesday that a critical vulnerability had been discovered in how the Network Manager application handles Dynamic Host Configuration Protocol (DHCP) responses. Through these responses, the vulnerability could lead to commands being run on the system with full root privileges.

Necurs Recurs!

Since 2012, the Necurs botnet has been an evolving workhorse of a botnet, backing up the Jaff ransomware, Dridex banking Trojan, and Locky ransomware campaigns. Most recently it has been found pushing URL files with misleading icons to trick victims into exposing themselves to the malware of the attacker’s choice. It eludes some spam filters by contacting the command and control server instead of directly downloading the malware.
