Assorted[chips] Security Vulnerabilities

suse

Security update for the Linux Kernel (important)

An update that solves 6 vulnerabilities and has 171 fixes is now available. Description: The openSUSE Leap 15.0 was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2019-2024: A use-after-free when disconnecting a source was fixed which...

7.8CVSS

-0.4AI Score

0.053EPSS

2019-04-12 12:00 AM
276
threatpost

SAS 2019: Joe FitzPatrick Warns of the '$5 Supply Chain Attack'

SINGAPORE – At the Security Analyst Summit this year in Singapore, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, who led a session during the conference titled “A Measured Response to a Grain of Rice: An Implant in the Shell.” After a 2018...

-0.1AI Score

2019-04-10 08:11 PM
76
fortinet

FortiAP Bleeding Bit Vulnerability

Some FortiAP models are vulnerable to the Bleeding Bit Vulnerability (CVE-2018-16986) present in the Texas Instruments WiFi...

8.8CVSS

1.8AI Score

0.05EPSS

2019-04-10 12:00 AM
14
threatpost

Intel Patches High-Severity Flaws in Media SDK, Mini PC

Intel has released security updates addressing two high-severity vulnerabilities in its Intel Media Software Development Kit (SDK) and Intel NUC mini PC. Overall, the chip giant on Tuesday patched four flaws across its products; the most severe of these vulnerabilities exist in Intel’s Media...

2.9AI Score

0.0004EPSS

2019-04-09 08:11 PM
47
threatpost

Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution

Nvidia has released fixes for eight high-severity vulnerabilities in its Linux for Tegra driver packages. The worst of these flaws could allow information disclosure, denial of service and code execution on impacted systems. Overall, the chipmaker on Tuesday released patches for 13 flaws that...

1.1AI Score

0.001EPSS

2019-04-03 09:27 PM
56
threatpost

Google's April Android Security Bulletin Warns of 3 Critical Bugs

Google has fixed three critical remote code execution bugs in its Android operating system, which could allow a remote attacker to hijack a vulnerable system simply by sending a malicious file. The flaws are part of Google’s April Android Security Bulletin, which includes patches for three...

1.5AI Score

0.002EPSS

2019-04-02 03:32 PM
58
threatpost

Intel VISA Tech Can Be Abused, Researchers Allege

UPDATE Researchers allege that a technology in Intel microchips could potentially be activated and abused by bad actors – giving them complete access to all data across an affected device. The Intel technology is called Visualization of Internal Signals Architecture (VISA), and is used for...

0.3AI Score

0.001EPSS

2019-03-29 09:05 PM
72
qt

Security for Connected Devices

With this post, I want to continue from earlier discussions on security posted here and here and focus on Connected Devices or the Internet of Things (IoT). IoT typically represents a network of physical objects (or “things”) embedded with electronics, software, sensors, and connectivity to enable....

0.2AI Score

2019-03-29 12:00 AM
8
threatpost

RSA Conference 2019: BleedingBit Flaws Continue to Plague Firms

UPDATE SAN FRANCISCO – Mobile key platform UniKey has patched vulnerabilities related to the infamous BleedingBit attack in its platform. BleedingBit is an issue in Bluetooth Low-Energy chips made by Texas Instruments (and used in millions of wireless access points), which was disclosed in...

0.6AI Score

0.05EPSS

2019-03-06 09:30 PM
118
threatpost

Smart Ski Helmet Headphone Flaws Leak Personal, GPS Data

Researchers have found a slew of vulnerabilities in a pair of smart headphones designed to fit under ski helmets. The flaws could allow a bad actor to view victims’ personal information, track them and even listen to their private conversations via the headphones’ walkie-talkie function, which...

0.5AI Score

2019-03-04 07:41 PM
53
pentestpartners

Hacking ski helmet audio

I love snow sports, and I also like my tunes, so purchasing the Outdoor Tech CHIPS smart headphones was a no-brainer. They fit into audio-equipped helmets and have huge 40mm drivers. Warm ears and good bass. Better yet, they’re touch sensitive even with gloves on and I can take calls handsfree....

7.1AI Score

2019-03-04 01:43 PM
38
malwarebytes

Spectre, Google, and the Universal Read Gadget

Spectre, a seemingly never ending menace to processors, is back in the limelight once again thanks to the Universal Read Gadget. First seen at the start of 2018, Spectre emerged alongside Meltdown as a major potential threat to people’s system security. Meltdown and Spectre Meltdown targeted Intel....

0.1AI Score

2019-03-01 04:43 PM
92
cert

Marvell Avastar wireless SoCs have multiple vulnerabilities

Overview Some Marvell Avastar wireless system on chip (SoC) models have multiple vulnerabilities, including a block pool overflow during Wi-Fi network scan. Description A presentation at the ZeroNights 2018 conference describes multiple security issues with Marvell Avastar SoCs (models 88W8787,...

8.8CVSS

0.3AI Score

0.017EPSS

2019-02-05 12:00 AM
267
nessus

openSUSE Security Update : the Linux Kernel (openSUSE-2019-65)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via ...

8CVSS

-0.1AI Score

0.006EPSS

2019-01-22 12:00 AM
35
malwarebytes

A week in security (January 14 – 20)

Last week on the Malwarebytes Labs blog, we took a look at how the government shutdown is influencing cybersecurity jobs, Advanced Persistent Threats group APT10, the comeback of Fallout EK, the hosting of malicious sites on legitimate servers, and the Collection 1 data breach. Other cybersecurity....

7.8CVSS

8.2AI Score

0.002EPSS

2019-01-21 04:48 PM
215
suse

Security update for the Linux Kernel (important)

An update that solves 11 vulnerabilities and has 131 fixes is now available. Description: The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c ...

8CVSS

-0.2AI Score

0.006EPSS

2019-01-18 12:00 AM
246
threatpost

Cryptocurrency Wallet Hacks Spark Dustup

LEIPZIG, GERMANY – Hardware based cryptocurrency wallets may not be as secure as promised. That’s the judgement of Dmitry Nedospasov, Thomas Roth and Josh Datko who together presented their research at a session here at the 35c3 conference called “wallet.fail.” In the talk the researchers...

-0.2AI Score

2018-12-31 02:34 PM
5
malwarebytes

Assessing the security of a portable router: a look inside its hardware, part deux

In part two of our blog assessing the security of a portable router, we will acquire the tools and equipment to make a copy of the firmware on our target router so that we can assess the full firmware. Sometimes, the manufacturer has an updated firmware that is available on their website. It could....

-0.4AI Score

2018-12-26 07:15 PM
82
akamaiblog

#OTTuesday: Five Technologies Shaping the Future of OTT

The world of OTT is changing radically with new innovations, from player technologies to standards convergence, propelling the industry forward. As 2018 comes to a close, AkamaiTV sat down with DASH legend and Akamai's very own Will Law to get his pulse on the major trends and technologies that...

0.1AI Score

2018-12-18 02:45 PM
77
nessus

openSUSE Security Update : the Linux Kernel (openSUSE-2018-1549)

The openSUSE Leap 42.3 kernel was updated to 4.4.165-81.1 to receive various bugfixes. The following non-security bugs were fixed : 9p locks: fix glock.client_id leak in do_lock (bnc#1012382). 9p: clear dangling pointers in p9stat_free (bnc#1012382). ACPI / LPSS: Add alternative ACPI...

AI Score

2018-12-17 12:00 AM
20
suse

Security update for the Linux Kernel (important)

The openSUSE Leap 42.3 kernel was updated to 4.4.165-81.1 to receive various bugfixes. The following non-security bugs were fixed: 9p locks: fix glock.client_id leak in do_lock (bnc#1012382). 9p: clear dangling pointers in p9stat_free (bnc#1012382). ACPI / LPSS: Add alternative ACPI HIDs for...

-0.4AI Score

2018-12-15 12:08 AM
152
threatpost

Google Patches 11 Critical RCE Android Vulnerabilities

Remote code-execution (RCE) vulnerabilities dominated Google’s December Android Security Bulletin. The flaws are part of a total of 53 unique bugs patched by the Android security team, with a total number of 11 critical bugs – six of which are RCE flaws tied to the operating system’s Media...

0.5AI Score

0.001EPSS

2018-12-04 04:56 PM
15
schneier

That Bloomberg Supply-Chain-Hack Story

Back in October, Bloomberg reported that China has managed to install backdoors into server equipment that ended up in networks belonging to -- among others -- Apple and Amazon. Pretty much everybody has denied it (including the US DHS and the UK NCSC). Bloomberg has stood by its story -- and is...

2AI Score

2018-11-30 12:28 PM
19
securelist

Cyberthreats to financial institutions 2019: overview and predictions

Kaspersky Security Bulletin: Threat Predictions for 2019 Threat predictions for industrial security in 2019 Cryptocurrency threat predictions for 2019 Introduction – key events in 2018 The past year has been extremely eventful in terms of the digital threats faced by financial institutions:...

0.7AI Score

2018-11-26 10:00 AM
32
schneier

Chip Cards Fail to Reduce Credit Card Fraud in the US

A new study finds that credit card fraud has not declined since the introduction of chip cards in the US. The majority of stolen card information comes from hacked point-of-sale terminals. The reasons seem to be twofold. One, the US uses chip-and-signature instead of chip-and-PIN, obviating the...

0.3AI Score

2018-11-15 12:24 PM
38
debian

[SECURITY] [DLA 1573-1] firmware-nonfree security update

Package : firmware-nonfree Version : 20161130-4~deb8u1 CVE ID : CVE-2016-0801 CVE-2017-0561 CVE-2017-9417 CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 Debian Bug : 620066 724970 769633 774914 790061 793544 793874...

9.8CVSS

8.8AI Score

0.201EPSS

2018-11-13 01:33 AM
410
nessus

Debian DLA-1573-1 : firmware-nonfree security update (KRACK)

Several vulnerabilities have been discovered in the firmware for Broadcom BCM43xx wifi chips that may lead to a privilege escalation or loss of confidentiality. CVE-2016-0801 Broadgate Team discovered flaws in packet processing in the Broadcom wifi firmware and proprietary drivers that could lead.....

9.8CVSS

0.5AI Score

0.201EPSS

2018-11-13 12:00 AM
107
threatpost

Apple Modernizes Its Hardware Security with T2

When Apple launched its latest MacBook Air last month, one of its more unusual features is that the built-in microphone automatically turns off when the lid is closed. Apple introduced the feature to eliminate any possibility of malware – or other unwanted applications – using the laptop’s...

-0.7AI Score

2018-11-08 12:52 PM
8
n0where

The x86 Processor Fuzzer: sandsifter

Your computer is not yours. You may have shelled out thousands of dollars for it. It may be sitting right there on your desk. You may have carved your name deep into its side with a blowtorch and chisel. But it’s still not yours. Some vendors are building secret processor registers into your...

-0.2AI Score

2018-11-07 06:55 PM
55
qualysblog

Bluetooth Chip Bugs Affect Enterprise Wi-Fi, as Hackers Exploit Cisco 0-Day

In this latest roundup of cyber security news, we look at serious Bluetooth chip-level bugs, a zero-day vulnerability on Cisco software, a raft of Apple security fixes, and a massive customer data breach at Cathay Pacific. Enterprise Wi-Fi access points vulnerable to Bluetooth bug A pair of...

8.2AI Score

2018-11-06 03:37 PM
105
trendmicroblog

Which Threats had the Most Impact During the First Half of 2018?

One of the best ways for organizations to shore up their data security efforts and work toward more proactive protection is by examining trends within the threat environment. Taking a look at the strategies for attack, infiltration and infection currently being utilized by hackers can point toward....

-0.1AI Score

2018-11-06 03:00 PM
154
threatpost

PortSmash Side Channel Attack Siphons Data From Intel, Other CPUs

Yet another side-channel attack, this time dubbed PortSmash, has been discovered in CPUs. The attack allows attackers to manipulate a glitch in the simultaneous multithreading (SMT) architecture used in CPUs — and siphon processed data from chips. Several attacks have popped up over the past year.....

-0.3AI Score

0.001EPSS

2018-11-05 04:56 PM
696
hackread

Feds accuse Chinese firm of stealing trade secrets of US tech giant

By Uzair Amir The US Justice Department has accused China to be involved in industrial espionage. According to a press release from the department, the Chinese government has made memory chips that store data its centralized science and technology strategy only to cover its espionage activities....

6.9AI Score

2018-11-02 11:12 PM
80
thn

Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks

Security researchers have unveiled details of two critical vulnerabilities in Bluetooth Low Energy (BLE) chips embedded in millions of access points and networking devices used by enterprises around the world. Dubbed BleedingBit, the set of two vulnerabilities could allow remote attackers to...

8.8CVSS

0.9AI Score

0.05EPSS

2018-11-01 06:27 PM
702
threatpost

Two Zero-Day Bugs Open Millions of Wireless Access Points to Attack

UPDATE Two zero-day vulnerabilities in Bluetooth Low-Energy chips made by Texas Instruments (and used in millions of wireless access points) open corporate networks to crippling stealth attacks. Adversaries can exploit the bugs by simply being approximately 100 to 300 feet from the vulnerable...

0.1AI Score

0.05EPSS

2018-11-01 03:20 PM
494
cisco

Texas Instruments Bluetooth Low Energy Denial of Service and Remote Code Execution Vulnerability

On November 1st, 2018, Armis announced the presence of a Remote Code Execution (RCE) or Denial of Service (DoS) vulnerability in the Bluetooth Low Energy (BLE) Stack on Texas Instruments (TI) chips CC2640 and CC2650. This vulnerability has been assigned the Common Vulnerabilities and Exposures...

2.1AI Score

0.05EPSS

2018-11-01 03:00 PM
578
cert

Texas Instruments CC2640 and CC2650 microcontrollers vulnerable to heap overflow and insecure update

Overview Texas Instruments CC2640 and CC2650 microcontrollers are vulnerable to a heap overflow and may allow unauthenticated firmware installation. Description CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CVE-2018-16986 - also known as BLEEDINGBIT The following....

8.8CVSS

1.1AI Score

0.05EPSS

2018-11-01 12:00 AM
545
pentestpartners

Ghost hardware. Device No.2, the Boo Buddy

The “Boo Buddy” is sold as a “trigger object” with a wide range of internal functionality such as EMF, motion and temperature detection. It’s a “trigger object”, in the sense that it is designed to evoke the spirits of children, who might be drawn in by the presence of a toy. Many people have...

7.1AI Score

2018-10-31 08:15 AM
44
trendmicroblog

This Week in Security News: Toll Fraud & Small Business Struggles

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn why telecommunications fraud has turned into a multi-billion euro criminal industry. Also, understand what cybersecurity struggles...

-0.5AI Score

2018-10-26 02:00 PM
151
qualysblog

Apple, Amazon in a Tussle with Bloomberg over Spy Chips Report

In our latest security news digest, we delve into the brouhaha over Chinese spy chips, check out the latest in Facebook's investigation of its recent hack, and look at Google's controversial decision to delay disclosing a potential data breach. Bloomberg's spy chip report stuns tech industry, then....

-0.5AI Score

0.002EPSS

2018-10-16 03:34 PM
109
schneier

Security in a World of Physically Capable Computers

It's no secret that computers are insecure. Stories like the recent Facebook hack, the Equifax hack and the hacking of government agencies are remarkable for how unremarkable they really are. They might make headlines for a few days, but they're just the newsworthy tip of a very large iceberg. The....

-0.4AI Score

2018-10-12 01:14 PM
50
nessus

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0266)

The remote OracleVM system is missing necessary patches to address critical security updates : bnxt_en: xdp: don't make drivers report attachment mode (partial backport) (Somasundaram Krishnasamy) [Orabug: 27988326] bpf: make bnxt compatible w/ bpf_xdp_adjust_tail (Nikita V....

7.8CVSS

0.2AI Score

0.001EPSS

2018-10-11 12:00 AM
52
malwarebytes

Bloomberg blunder highlights supply chain risks

Ooh boy! Talk about a back-and-forth, he said, she said story! No, we’re not talking about that Supreme Court nomination. Rather, we’re talking about Supermicro. Supermicro manufactures the type of computer hardware that is used by technology behemoths like Amazon and Apple, as well as government....

-0.5AI Score

2018-10-10 04:00 PM
59
oraclelinux

Unbreakable Enterprise kernel security update

[4.1.12-124.20.1] - bnxt_en: xdp: don't make drivers report attachment mode (partial backport) (Somasundaram Krishnasamy) [Orabug: 27988326] - bpf: make bnxt compatible w/ bpf_xdp_adjust_tail (Nikita V. Shirokov) [Orabug: 27988326] - bnxt_en: add meta pointer for direct access (partial...

7.8CVSS

-0.3AI Score

0.001EPSS

2018-10-10 12:00 AM
53
threatpost

New Ninth-Gen Intel CPUs Shield Against Some Spectre, Meltdown Variants

Intel’s new ninth-generation CPUs come packed with hardware-based protections against two variants of the infamous Meltdown and Spectre speculative execution attacks. The ninth-generation desktop Core processors are dubbed Coffee Lake, and became available for preorder on Tuesday. They’re built to....

2.2AI Score

0.974EPSS

2018-10-09 07:37 PM
103
kitploit

Sandsifter - The X86 Processor Fuzzer

The sandsifter audits x86 processors for hidden instructions and hardware bugs, by systematically generating machine code to search through a processor's instruction set, and monitoring execution for anomalies. Sandsifter has uncovered secret processor instructions from every major vendor;...

7.7AI Score

2018-10-09 12:47 PM
40
nessus

openSUSE Security Update : the Linux Kernel (openSUSE-2018-1140)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI ...

8.4CVSS

0.4AI Score

0.022EPSS

2018-10-09 12:00 AM
27
suse

Security update for the Linux Kernel (important)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI...

0.4AI Score

0.022EPSS

2018-10-08 03:09 PM
379
taosecurity

Network Security Monitoring vs Supply Chain Backdoors

On October 4, 2018, Bloomberg published a story titled “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” with a subtitle “The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to....

0.1AI Score

2018-10-05 10:00 PM
57
krebs

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison. Yesterday was one of those times. Bloomberg Businessweek on Thursday published a bombshell investigation...

7.6AI Score

2018-10-05 07:45 PM
54
Total number of security vulnerabilities: 1117