Assorted[chips] Security Vulnerabilities

Payment Card processing services upgrading to Chip-and-PIN and Point-to-Point Encryption

The massive data breaches in U.S retailers 'Target' and 'Neiman Marcus', in which financial credentials of more than 110 million and 1.1 million customers were compromised respectively, have put a spotlight on the need for more secure transactions. To tackle this issue, the two major payment card.....

Boeing launches Ultra-Secure 'Black' Smartphone that has Self-Destruct Feature

Looking for a Secure Smartphone? World's biggest Aerospace company - Boeing is finally close to the launch of its high-security Android Smartphone, called "Boeing Black (H8V-BLK1)", primarily designed for secure communication between Governmental agencies and their contractors. Encrypted email,...

IBM developing Self-Destructing Microchips for US Defense

Science Fiction Movies always show the possible direction of the development of technology and gives us the opportunity to think about it. The U.S. Government is also trying to develop such technology that was introduced in movies like Star Trek and TERMINATOR i.e. Self destructing Network of...

MicroSD Cards Vulnerable to MITM, Hacking

Researchers demonstrated yesterday at the Chaos Communication Congress in Hamburg that they could write arbitrary code onto various SD memory cards, a hack that could give attackers the ability to perform man-in-the-middle attacks on devices housing the cards, as well as give users access to an...

FreeBSD Bans Intel, Via Chips

FreeBSD, the open-source operating system, announced that it will no longer support Intel’s RdRand and Via Technology’s Padlock on-chip random number generators (RNGs) moving forward in new versions of the UNIX-like operating system. The move apparently follows reports from earlier this year that.....

Matthew Green on How NSA Breaks SSL

In order for the National Security Agency to collect the massive amounts of communication it has from email and Web traffic, it needs to elude, leapfrog or bash through the barrier that is SSL. How it’s doing so is the real question, one that noted Johns Hopkins cryptographer Matthew Green wants...

China is planting spying microchips in Electric Iron and kettles that can scan Wi-Fi devices to serve malware

We have discussed many times in our stories the network of Intelligent devices, their capabilities and the possibilities that cyber criminals could exploit them for illegal activities. Hidden chips are used by cyber criminals and state-sponsored hackers to infiltrate company networks and...

China is planting spying microchips in Electric Iron and kettles that can scan Wi-Fi devices to serve malware

We have discussed many times in our stories the network of Intelligent devices, their capabilities and the possibilities that cyber criminals could exploit them for illegal activities. Hidden chips are used by cyber criminals and state-sponsored hackers to infiltrate company networks and...

Integrated circuits can be compromised using Undetectable hardware Trojans

A team of researchers from the U.S. and Europe has developed a Hardware Trojan, which is an undetectable to many techniques, raising the question on need of proper hardware qualification. They released a paper on stealthy Dopant-Level Hardware Trojans, showing how integrated circuits used in...

Integrated circuits can be compromised using Undetectable hardware Trojans

A team of researchers from the U.S. and Europe has developed a Hardware Trojan, which is an undetectable to many techniques, raising the question on need of proper hardware qualification. They released a paper on stealthy Dopant-Level Hardware Trojans, showing how integrated circuits used in...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 2 kernel has been updated to version 3.0.93 and includes various bug and security fixes. The following security bugs have been fixed: * CVE-2013-2148: The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to version 3.0.93 and to fix various bugs and security issues. The following features have been added: NFS: Now supports a "nosharetransport" option (bnc#807502, bnc#828192, FATE#315593). ALSA: virtuoso: Xonar DSX...

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 8263 / 8265 / 8273)

The SUSE Linux Enterprise 11 Service Pack 2 kernel has been updated to version 3.0.93 and includes various bug and security fixes. The following security bugs have been fixed : The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel did not initialize a...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8269 / 8270 / 8283)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to version 3.0.93 and to fix various bugs and security issues. The following features have been added : NFS: Now supports a 'nosharetransport' option (bnc#807502, bnc#828192, FATE#315593). ALSA: virtuoso: Xonar DSX support...

Researchers Build Undetectable Dopant Hardware Trojans

Is it so outlandish anymore to consider that an attacker interested in military, political or corporate espionage would be able to infiltrate a supply chain and drop malware onto an integrated circuit? Evidence of hardware-based Trojans is anecdotal at best, and experts believe a change in...

SIM Card Vulnerability Could Affect Millions of Cell Phones

As many as 750 million mobile phones could be vulnerable to an encryption flaw on certain types of SIM cards, a German cryptographer and researcher warned over the weekend. Karsten Nohl, the founder of Security Research Labs in Berlin, unveiled preliminary research on his blog behind the flaw in...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 7991 / 7992 / 7994)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to 3.0.82 and to fix various bugs and security issues. The following security issues have been fixed : The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to cause a denial of...

3.0.80 kernel update (important)

The kernel was updated to Linux kernel 3.0.80, fixing various bugs and security issues. Following security issues were fixed: CVE-2013-0160: Timing side channel on attacks were possible on /dev/ptmx that could allow local attackers to predict keypresses like e.g. passwords. This has...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to 3.0.82 and to fix various bugs and security issues. The following security issues have been fixed: * CVE-2013-1774: The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to...

Oracle Linux 6 : mesa (ELSA-2013-0897)

From Red Hat Security Advisory 2013:0897 : Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores,....

Oracle Linux 5 : mesa (ELSA-2013-0898)

From Red Hat Security Advisory 2013:0898 : Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score,....

kernel update for SLE11 SP3 (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to 3.0.82 and to fix various bugs and security issues. Following security issues were fixed: CVE-2013-1774: The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to cause a denial...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 2 kernel has been updated to Linux kernel 3.0.80 which fixes various bugs and security issues. The following security issues have been fixed: * CVE-2013-0160: Timing side channel on attacks were possible on /dev/ptmx that could allow local...

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7811 / 7813 / 7814)

The SUSE Linux Enterprise 11 Service Pack 2 kernel has been updated to Linux kernel 3.0.80 which fixes various bugs and security issues. The following security issues have been fixed : Timing side channel on attacks were possible on /dev/ptmx that could allow local attackers to predict ...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 2 kernel has been updated to Linux kernel 3.0.80 which fixes various bugs and security issues. The following security issues have been fixed: * CVE-2013-0160: Timing side channel on attacks were possible on /dev/ptmx that could allow local...

kernel update for SLE11 SP2 (important)

The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to Linux kernel 3.0.80, fixing various bugs and security issues. Following security issues were fixed: CVE-2013-0160: Timing side channel on attacks were possible on /dev/ptmx that could allow local attackers to predict...

China Builds World's Fastest Supercomputer

China has developed a new supercomputer known as Tianhe-2 which is twice as fast as US and Japanese systems has been measured at speeds of 30.65 petaflops or 74 percent faster than the current holder of the world's-fastest-supercomputer title. Titan, the U.S. Department of Energy's fastest...

China Builds World's Fastest Supercomputer

China has developed a new supercomputer known as Tianhe-2 which is twice as fast as US and Japanese systems has been measured at speeds of 30.65 petaflops or 74 percent faster than the current holder of the world's-fastest-supercomputer title. Titan, the U.S. Department of Energy's fastest...

CentOS 5 : mesa (CESA-2013:0898)

Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is....

CentOS Update for glx-utils CESA-2013:0897 centos6

Check for the Version of...

RedHat Update for mesa RHSA-2013:0897-01

Check for the Version of...

CentOS 6 : mesa (CESA-2013:0897)

Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are.....

RedHat Update for mesa RHSA-2013:0898-01

Check for the Version of...

CentOS Update for glx-utils CESA-2013:0898 centos5

Check for the Version of...

glx, mesa security update

CentOS Errata and Security Advisory CESA-2013:0897 Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips. An out-of-bounds access flaw was found in Mesa. If an application using Mesa...

glx, mesa security update

CentOS Errata and Security Advisory CESA-2013:0898 Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips. It was found that Mesa did not correctly validate messages from the X server. A.....

(RHSA-2013:0898) Moderate: mesa security update

Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips. It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using....

(RHSA-2013:0897) Important: mesa security update

Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips. An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs (Mozilla...

RHEL 5 : mesa (RHSA-2013:0898)

Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is....

Pills and Tattoos to Replace Passwords for Authentication

Motorola’s Regina Dugan suggested at the Wall Street Journal’s D11 conference that pills and tattoos could replace passwords as the radical solutions to the perennial authentication problem. Dugan was formerly the head of the Pentagon’s forward-looking Defense Advanced Research Projects Agency...

Trusted Kernel Exploit Used to Unlock Motorola Android Devices

A researcher looking for a way to jailbreak locked down Motorola Android devices found a loophole in hardware-embedded security system to do just that. Dan Rosenberg of Azimuth Security, a consultancy headquartered in Sydney, Australia, reported that he was able to exploit a vulnerability in the...

Wine On Android For Running Windows Apps

As you know, many enthusiasts Android mobile users wishing for alternate of WINE software for Android mobiles or tablet as well, that allow applications designed for Microsoft Windows to run on Unix-like operating systems. Sounds Interesting ? Alexandre Julliard, the original developer behind the.....

Wine On Android For Running Windows Apps

As you know, many enthusiasts Android mobile users wishing for alternate of WINE software for Android mobiles or tablet as well, that allow applications designed for Microsoft Windows to run on Unix-like operating systems. Sounds Interesting ? Alexandre Julliard, the original developer behind the.....

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7123 / 7127)

The SUSE Linux Enterprise 11 SP2 kernel has been updated to 3.0.51 which fixes various bugs and security issues. It contains the following feature enhancements : The cachefiles framework is now supported (FATE#312793, bnc#782369). The userland utilities were published seperately to...

Cisco VoIP Hacker Urges Closer Look at Firmware Security Vulnerabilities

Ang Cui’s “Funtenna” is just the latest eye-opener into the security of embedded networked devices such as printers, VoIP phones, routers and other core, connected infrastructure. The Columbia University PhD candidate’s recent hack of a Cisco-branded VoIP phone demonstrates the risk posed by...

CVE-2012-2619

The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information...

CVE-2012-2619

The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information...

CVE-2012-2619

The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information...

Out-of-bounds

The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information...

CVE-2012-2619

The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information...