Assorted[chips] Security Vulnerabilities

Android Qualcomm GPS/GNSS Man-In-The-Middle

Exploit for Android platform in category local...

Google Android - gpsOneXtra Data Files Denial of Service

Google Android - gpsOneXtra Data Files Denial of...

Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)

...

Android Qualcomm GPS/GNSS Man-In-The-Middle

...

Allwinner 3.4 Legacy Kernel Local Privilege Escalation

Exploit for hardware platform in category remote...

Allwinner 3.4 Legacy Kernel Local Privilege Escalation

...

Patched Android Libutils Vulnerability Harkens Back to Stagefright

This week’s Android Security Bulletin patched a calamity of vulnerabilities that threatened almost every device in circulation and illustrated the fragility of the Android ecosystem. The bulletin addressed more than 50 vulnerabilities, including nine rated critical by Google because of the...

Google Shares Android Nougat, Safe Browsing Security Enhancements

Google this week shared with developers security enhancements it has added to the new Nougat version of Android and additional security features for webmasters via Safe Browsing to help pinpoint harmful content on websites. Under the banner of its nine-year-long Safe Browsing initiative, Google...

Google Patches Quadrooter Vulnerabilities in Android

The Quadrooter vulnerabilities made a lot of people take notice because the scale of affected Android devices (more than 900,000) put it on a level with Stagefright and other bugs that impact a large majority of the Android ecosystem. Some details on the four vulnerabilities were publicly...

This Open Source 25-Core Processor Chip Can Be Scaled Up to 200,000-Core Computer

Researchers have designed a new computer chip that promises to boost the performance of computers and data centers while processing applications in parallel. Princeton University researchers have developed a 25-core open source processor, dubbed Piton named after the metal spikes used by rock...

Embedded Hardware Hacking 101 – The Belkin WeMo Link

Why Embedded Hacking? Devices that are connected to the Internet or run a full operating system are becoming more and more prevalent in today’s society. From devices for locomotives to wireless light switches, the Internet of Things (IoT) trend is on the rise and here to stay. This has the...

Embedded Hardware Hacking 101 – The Belkin WeMo Link

Why Embedded Hacking? Devices that are connected to the Internet or run a full operating system are becoming more and more prevalent in today’s society. From devices for locomotives to wireless light switches, the Internet of Things (IoT) trend is on the rise and here to stay. This has the...

Qualcomm Chip Flaw Leaves 900m Android Devices Open to Attack

Four vulnerabilities found in Qualcomm chips used in 900 million Android devices leave affected phones and tablets open to attacks that could give hackers complete system control. Researchers at Check Point who found the flaw are calling the vulnerability Quadrooter and say that a patch isn’t...

KeySniffer Lets Hackers Steal Keystrokes from Wireless Keyboards

Radio-based wireless keyboards and mice that use a special USB dongle to communicate with your PC can expose all your secrets – your passwords, credit card numbers and everything you type. Back in February, researchers from the Internet of things security firm Bastille Networks demonstrated how...

KeySniffer Vulnerability Opens Wireless Keyboards to Snooping

Wireless keyboards made by eight different companies suffer from a vulnerability that can allow attackers to eavesdrop on keystrokes from up to 250 feet away, researchers warned Tuesday. If exploited, the vulnerability, dubbed KeySniffer, could let an attacker glean passwords, credit card numbers,....

Japan's Softbank buys semiconductor giant ARM for $32 Billion in Cash

Japanese telecommunication giant SoftBank has confirmed that the company intends to acquire UK chip designer ARM Holdings for almost $32 Billion (£24.3 Billion) in an all-cash deal. ARM has also agreed to this offer from SoftBank and said that its board would recommend the all-cash deal to...

Android KeyStore Encryption Scheme Broken, Researchers Say

The default implementation for KeyStore, the system in Android designed to store user credentials and cryptographic keys, is broken, researchers say. In a an academic paper published this week, researchers argue that the particular encryption scheme that KeyStore uses fails to protect the...

Encryption Bypass Vulnerability Impact Half Android Devices

A flaw in chipmaker Qualcomm’s mobile processor, used in 60 percent of Android mobiles, allows attackers to crack full disk encryption on the device. Only 10 percent of Android devices running Qualcomm processors are not vulnerable to this type of attack. Researchers at Duo Labs said the...

How to Crack Android Full Disk Encryption on Qualcomm Devices

The heated battle between Apple and the FBI provoked a lot of talk about Encryption – the technology that has been used to keep all your bits and bytes as safe as possible. We can not say a lot about Apple's users, but Android users are at severe risk when it comes to encryption of their...

China develops the World's Most Powerful Supercomputer without US chips

China beats its own record with the World's fastest supercomputer. Sunway TaihuLight, a newly built supercomputer from China, now ranks as the world's most powerful machine. During the International Supercomputer Conference in Germany on Monday, Top500 declared China's 10.65 Million-core...

Critical Qualcomm flaw puts millions of Android devices at risk

Google has patched a high-severity vulnerability that has been around for the last five years, potentially leaving users' text messages, call histories, and other sensitive data open to snooping. The vulnerability, CVE-2016-2060, affects Android versions 4.3 and earlier that use the software...

Old Android Flaw Elevates Privileges, Steals SMS, Call Logs

A five-year-old Android vulnerability disclosed today affects hundreds of different device models going back to Jelly Bean 4.3. Older devices are at the greatest risk; newer devices running Android with SE Android, the OS’ implementation of Security Enhanced Linux, are at a lesser risk. The...

Exploiting CVE-2016-2060 on Qualcomm Devices

Mandiant’s Red Team recently discovered a widespread vulnerability affecting Android devices that permits local privilege escalation to the built-in user “radio”, making it so an attacker can potentially perform activities such as viewing the victim’s SMS database and phone history. The...

This Tiny Computer has no Battery, Powered Wirelessly from Radio Waves

No matter how smart and fast your devices would be, the biggest issue is always with the battery technology. Whenever you go to buy any electronic gadget — smartphone, laptop, or any wearable — the most important specification isn’t its processor speed or its camera quality but its Battery...

Hacker Hijacks a Police Drone from 2 Km Away with $40 Kit

A researcher has demonstrated how easy it is to steal high-end drones, commonly deployed by government agencies and police forces, from 2 kilometres away with the help of less than $40 worth of hardware. The attack was developed by IBM security researcher Nils Rodday, who recently presented his...

Attention Turns to FBI's 'Outside Party'

The FBI’s motion for a continuance in its case against Apple has opened a new avenue in this debate as to the identity and means by which the mystery “outside party” could unlock terrorist Syed Farook’s iPhone. Late yesterday afternoon, the FBI filed a motion to vacate a hearing scheduled for...

More than a Billion Snapdragon-based Android Phones Vulnerable to Hacking

More than a Billion of Android devices are at risk of a severe vulnerability in Qualcomm Snapdragon chip that could be exploited by any malicious application to gain root access on the device. Security experts at Trend Micro are warning Android users of some severe programming blunders in...

Clarke: Precedent-Seeking FBI Won't Ask NSA to Unlock Phone

The National Security Agency’s silence in the Apple-FBI story is probably not so surprising. But that hasn’t stopped people from dragging the NSA’s name into the conversation. The latest to do so is Richard Clarke, former counterterrorism chair under presidents George H.W. Bush and Bill Clinton....

Delicate Hardware Hacks Could Unlock Shooter's iPhone

A researcher at IOActive believes the U.S. intelligence community has the capability to carry out a delicate hardware hack that could unlock the iPhone 5c at the center of the current FBiOS debate. The attack requires considerable financial resources and acumen with an intrusive attack against the....

MIT Develops Hack-Proof RFID Chip — Here's How It Works

Do you know about RFID chips and how many you are carrying at this moment? Today, RFID chips are built-in all sorts of items, including your credit cards, travel swipe cards, library books, grocery store cards, security tags, implanted medical records, passports and even the access cards provided.....

Hacking Smartphones Running on MediaTek Processors

A dangerous backdoor has been discovered in the MediaTek processor that could be exploited to hack Android devices remotely. MediaTek is a Taiwan-based hardware company that manufacture hardware chips and processor used in the smartphones and tablets. The backdoor was discovered by security...

Credit Card Magstripe Spoofer: MagSpoof

MagSpoof is a device that can spoof/emulate any magnetic stripe or credit card. It can work “wirelessly”, even on standard magstripe/credit card readers, by generating a strong electromagnetic field that emulates a traditional magnetic stripe card. MagSpoof does not enable you to use credit cards.....

N3XT — Advanced CHIP that Could Make Your Computer 1000 Times Faster

Researchers have come up with an all new way to revolutionize the standard computer chip that comes inbuilt in all our electronics. Researchers from Carnegie Mellon, Stanford, and t_he University of California_, Berkeley among others, have invented a new material that could replace the 'silicon'...

Meet The World's First Person Who Hacked His Body to Implant a Bitcoin Payment CHIP

Hackers are now going crazy and trying new ways in Biohacking. Until now, we have seen a hacker who implanted a small NFC chip in his hand in order to hack Android smartphones and bypass almost all security measures. However, now the level of craziness has gone to a whole new level. A Swedish...

How Hackers Can Hack Your Chip-and-PIN Credit Cards

October 1, 2015, was the end of the deadline for U.S. citizens to switch to Chip-enabled Credit Cards for making the transactions through swipe cards safer. Now, a group of French forensics researchers have inspected a real-world case in which criminals played smart in such a way that they did a...

Oracle: Security Advisory (ELSA-2015-3064)

The remote host is missing an update for...

Chip-and-PIN Credit Cards and The Deadline: Here's What You need To Know

October 1 Liability shift ENDS! Today, 1st October 2015, is the deadline for US-based Banks and Retailers to roll out Chip-embedded Credit Cards (powered by EVM Technology) to customers that will make transactions more secure. EVM Technology stands for Europay, MasterCard _and _Visa -- a global...

This Computer Chip Self-Destructs in 10 Seconds (On Command) to keep Secrets Safe

The Secret Messages are often designed to be destroyed without a trace. In Spy thriller movie “Mission Impossible”, every time Tom Cruise receives a secret message, the last words state - “This Tape message will self-destruct in 5 seconds”...and BOOM! There’s a sudden explosion, and smoke comes...

THN Weekly Roundup — 15 Most Popular Cyber Security and Hacking News Stories

We are once again here with our weekly round up based on last week’s top cyber security threats and challenges. I recommend you to read the entire thing (just click ‘Read More’ because there’s some valuable advice in there as well ). Here’s the list: 1. Reminder! If You have not yet, Turn Off...

Samsung Launches 6GB RAM Chips for Next Generation Smartphones

With Launch of Galaxy S6 and Galaxy S6 Edge, Samsung was the first one to bring 4GB RAM access in the Android mobile phones; with Samsung Note 5 and the current OnePlus 2 carrying the same RAM capacity. Now, today Samsung has again taken the technology a step further with the launch of 12GB...

RollJam — $30 Device That Unlocks Almost Any Car And Garage Door

We have talked a lot about car hacking. Recently researchers even demonstrated how hackers can remotely hijack Jeep Cherokee to control its steering, brakes and transmission. Now, researchers have discovered another type of car hack that can be used to unlock almost every car or garage door. You...

Unbreakable Enterprise kernel security , bug fix and enhancement update

kernel-uek [3.8.13-98] - KVM: x86: SYSENTER emulation is broken (Nadav Amit) [Orabug: 21502729] {CVE-2015-0239} {CVE-2015-0239} - fs: take i_mutex during prepare_binprm for set[ug]id executables (Jann Horn) [Orabug: 21502159] {CVE-2015-3339} [3.8.13-97] - add ql2400, ql2500 firmware versions...

Security update for the Linux Kernel (important)

The SUSE Linux Enterprise 12 kernel was updated to version 3.12.43 to receive various security and bugfixes. Following security bugs were fixed: CVE-2014-3647: arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 did not properly perform RIP changes, which ...

Justice Department Charges Six Chinese Nationals with Insider Theft

The Justice Department has issued a 32-count indictment including charges of economic espionage and theft of trade secrets against a pair of Chinese professors along with four other citizens of the People’s Republic of China. Authorities last Sunday arrested one of the alleged, Professor Hao Zhang....

Crazy! Hacker Implants NFC Chip In His Hand To Hack Android Phones

There is a very sleek line between hacking and security. The security used to protect the public could be misused by hackers against the public itself, and one shouldn’t forget that with the advance in technology, the techniques used by cyber criminals also improves. Today, **What hackers need to.....

PayPal Wants To Integrate Password with Human Body

You would have been holding a number of online accounts for different services, but how many of you hold a different and unique password for every single account? Probably a very few of you. The majority of people have one or two passwords that are quite simple and easy to remember and comfortably....

High-Speed Packet Generator: MoonGen

MoonGen is a high-speed scriptable packet generator. The whole load generator is controlled by a Lua script: all packets that are sent are crafted by a user-provided script. Thanks to the incredibly fast LuaJIT VM and the packet processing library DPDK, it can saturate a 10 GBit Ethernet link with....

DRAM chip kernel mention the right vulnerability analysis-vulnerability warning-the black bar safety net

Security researchers found in the Intel PC on Linux systems you can use certain types of DDR DRAM chips in the presence of physical defects to obtain the highest system privileges. This technique is known as“Rowhammer”, which may make the recent generation of DRAM chips times the memory access...

kernel security, bug fix, and enhancement update

[3.10.0-229] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-229] - [net] rtnetlink: allow to register ops without ops->setup set (Jiri Benc) [1186492] [3.10.0-228] - [fs] NFSv4.1: Fix an Oops in nfs41_walk_client_list (Steve Dickson) [1185784] - [misc] redhat: dont suppress Revert patches...

Rowhammer Hardware Exploit Poses Threat DRAM Memory in Many Laptops, PCs

Software, from web apps, to operating systems to firmware, has been abused and exploited every which way from Sunday for decades by both researchers and attackers. Now, it is hardware’s turn in the spotlight, as researchers have published details of a new method for exploiting a problem with some.....