|
|
| BlackNurse DDoS Takes Just One Laptop to Nix a Network BlackNurse DDoS is taking one of the D’s out of DDoS. BlackNurse uses a ping flood attack that leverages known exploits in firewalls and routers from Cisco, PaloAlto and others. This attack does not have to be distributed to be effective, it will max out the CPU of the device which effectively shuts down the device. Mitigations to this attack are covered in the article. WordPress Plugins Leave Black Friday Shoppers Vulnerable |
|
| iOS 10 Passcode Bypass Can Access Photos, Contacts A vulnerability in iOS 8,9, and 10 can allow the passcode to be bypassed. Siri is being used to bypass the passcode in this attack. Physical access to a Siri enabled iPhone is needed for the attack to work. This attack can be mitigated by disabling Siri on the lockscreen. At this time Apple has not said what it plans to do regarding this bypass attack. |
|
| Backdoor Found in Firmware of Some Android Devices Up to 3 million low end android phones are vulnerable to an over-the-air (OTA) update compromise. The compromise does enable remote execution with root privileges. Unencrypted communication used in the OTA enables a man-in-the-middle attack. BLU has acknowledged the flaw and will be issuing a fix, other vendors have not made a statement at this time. |
|
| Great. Now Even Your Headphones Can Spy on You Maybe you cover your laptops camera and even physically disable the microphone on your laptop to avoid eavesdropping. Researchers have figured out a way to get around this if you use headphones with your laptop. The attack uses a little know feature of RealTek audio chips that allow headphones to be used as a mic, the audio can be recorded also. |