EUVD-2019-16056

Malware in sbrugna...

EUVD-2020-18767

Malware in sbrugna...

CVE-2021-22671

Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prio...

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges. "These vulnerabilities pose significant risks, allowing...

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers

Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. Th...

MGASA-2021-0258 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.43 and fixes at least the following security issues: The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting ...

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1887-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1887-1 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require th...

AVM FRITZ!Box Multiple Wi-Fi Vulnerabilities (FragAttacks)

AVM FRITZ!Box devices are prone to multiple Wi-Fi vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:avm:fritz%21os...

FragAttack: New Wi-Fi vulnerabilities that affect… basically everything

A new set of vulnerabilities with an aggressive name and their own website almost always bodes ill. The name FragAttack is a contraction of fragmentation and aggregation attacks, which immediately indicates the main area where the vulnerabilities were found. The vulnerabilities are mostly in how...

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames which is mandatory as part of 802.11...

Julian Assange, a Big Yahoo Fine, and More Security News This Week

Plus: Wi-Fi vulnerabilities, Silk Road 2's founder, and more of the week's top security news...

Apple Releases Security Update for Boot Camp

Apple has released a security update to address vulnerabilities in Wi-Fi for Boot Camp 6.4.0. An attacker could exploit these vulnerabilities to obtain access to sensitive information. NCCIC encourages users and administrators to review Apple’s security page for Wi-Fi Update for Boot Camp 6.4.0 a...

SUSE-SU-2017:3154-1 Security update for the Linux Kernel (Live Patch 19 for SLE 12)

This update for the Linux Kernel 3.12.61-5266 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becau...

SUSE-SU-2017:3160-1 Security update for the Linux Kernel (Live Patch 20 for SLE 12)

This update for the Linux Kernel 3.12.61-5269 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becau...

SUSE-SU-2017:3139-1 Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP2)

This update for the Linux Kernel 4.4.49-9214 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becaus...

SUSE-SU-2017:3120-1 Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP2)

This update for the Linux Kernel 4.4.74-9238 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becaus...

SUSE-SU-2017:3103-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12)

This update for the Linux Kernel 3.12.61-5280 fixes several issues. The following security issues were fixed: - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packetfanout data structures, becau...

On ROCA, KRACK, BoundHook, Google Advanced Protection

Threatpost editors Mike Mimoso and Tom Spring recap this week’s infosec news starting with the ROCA vulnerabilities affecting factorization of RSA private keys, the KRACK WPA2 Wi-Fi vulnerabilities, the BoundHook attacks, and Google’s introduction of Advanced Protection for Gmail. Download: Music...