11.5 C
London
Sunday, October 22, 2017

VU#228519: Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to...

Wi-Fi Protected Access(WPA,more commonly WPA2)handshake traffic can be manipulated to induce nonce and session key reuse,resulting in key reinstallation by a wireless access point(AP)or client.

An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used.

Attacks may include arbitrary packet decryption and injection,TCP connection hijacking,HTTP content injection,or the replay of unicast and group-addressed frames.

These vulnerabilities are referred to as Key Reinstallation Attacks orKRACKattacks.

Cyberespionage Group Steps Up Campaigns Against Japanese Firms

Researchers unearth new tactics and strategies used by the criminals behind the hacking group known as Bronze Butler.

Hyatt Hit By Credit Card Breach, Again

Hyatt said its payment systems have been breached, exposing credit card data from 41 hotels in 11 countries between March and July this year.

Google Busy Removing More Malicious Chrome Extensions from Web Store

Three malicious Chrome extensions spoofing AdBlock Plus were removed from the Chrome Web Store this week.

Chris Brook Says Farewell to Threatpost

Staff writer Chris Brook says farewell to Threatpost after eight years on the site. He and Mike Mimoso talk about Threatpost's early days and how the site grew up alongside the security industry.

Legacy Office Feature Used In Novel Document Attacks

A forgotten feature in Microsoft Office allows attackers to bypass antivirus scanners and pull off document-based attacks to install malware.

Locky Gets Updated to ‘Ykcol’, Part of Rapid-Fire Spam Campaigns

Researchers say in a 30-day period cybercriminals behind the Locky ransomware have updated the malware three times and have stepped up spam campaigns.

Equifax Takes Down Compromised Page Redirecting to Adware Download

Equifax has temporarily taken down one of its consumer-facing credit report services after the webpage was compromised and serving adware via a phony Flash Player download.

VU#590639: NXP Semiconductors MQX RTOS contains multiple vulnerabilities

The NXP Semiconductors MQX RTOS prior to version 5.1 contains a buffer overflow in the DHCP client,which may lead to memory corruption allowing an attacker to execute arbitrary code,as well as an out of bounds read in the DNS client which may lead to a denial of service.

Down the Rabbit Hole with a BLU Phone Infection

Much-maligned BLU phones have been a privacy and spyware nightmare.

Threatpost shares the story of one victim who experienced firsthand a relentless wave of unwanted programs, spyware and frustration.

Vendor BPC Banking Silent on Patching SQL Injection in SmartVista Ecommerce...

A popular ecommerce platform sold in 60 countries suffers from a SQL injection vulnerability privately disclosed in April that has yet to be patched by the vendor.

iOS Password Prompts are Ripe for Abuse

Apple’s password prompts for iOS devices are an easy target for phishing attacks to steal iTunes passwords and IDs.