- Insecure Apps that Open Ports Leave Millions of Smartphones at Risk of Hacking
A team of researchers from the University of Michigan discovered that hundreds of applications in Google Play Store have a security hole that could allow hackers to steal data and even implant malware on millions of Android smartphones. The researcher said that issue lies within apps that create open ports. It also allows an attacker to create a backdoor. During the scanning, the team found that 410 potentially vulnerable applications. According to the researchers, the major issue is with the apps like Wi-Fi File Transfer, which has been installed between 10 million and 50 million times and allows users to connect to a port on their smartphone via Wi-Fi, making it easy to transfer files from a phone to a computer. The team said that successful exploitation could allow remotely stealing contacts, photos, and even security credentials, and also performing sensitive actions such as malware installation and malicious code execution.
Cyber Security Tips: Users are recommended to uninstall these insecure applications, avoid to installed application from untrusted sources and keep using security suits.
- SNMP Flaw Affects Several Online Devices
A severe security flaw in the implementation of the SNMP (Simple Network Management) Protocol allows an attacker to take over at least 78 cable modem models. SNMP is used for automated network device identification, monitoring and remote configuration. It is supported and enabled by default in many devices, including servers, printers, networking hubs, switches and routers. Security researchers Ezequiel Fernandez and Bertin Bervis found vulnerability CVE 2017-5135. The StringBleed vulnerability is an Incorrect Access Control issue, remote attackers could exploit the issue to execute code on the vulnerable devices and gain “full read/write remote permissions using any string/integer value.
Cyber Security Tips: Users are recommended to update the issue as soon as possible.
PCs with Intel Server Chipsets Can be Hacked Remotely
The researcher team discovered a critical vulnerability in Intel server chipset, which could allow attackers to take control of the computers remotely, affecting all Intel systems, including PC, laptops, and servers, with AMT feature enabled. According to report the bug resides in the Intel Management Engine (ME) technologies such as Active Management Technology (AMT), Small Business Technology (SBT), and Intel Standard Manageability (ISM), according to an advisory published Monday by Intel. If an attacker successfully exploits this vulnerability an attacker can log into a vulnerable machine’s hardware and silently perform malicious activities, like tampering with the machine, installing virtually undetectable malware, using AMT’s features. The security flaw affects Intel manageability firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 for Intel’s AMT, ISM, and SBT platforms. However, versions before 6 or after 11.6 are not impacted according to news published by Hacker News.
Cyber Security Tips: Users and administrator are recommended to install a firmware patch as soon as possible.
- Netgear Patches Remote Code Execution Flaws in Routers, Switches
Netgear recently informed to their customers that it has released firmware updates for some of its routers and switches to address remote code execution and other types of vulnerabilities. Netgear informed users about the existence of CVE-2017-6862, a buffer overflow vulnerability that can be exploited by a remote attacker to bypass authentication and execute arbitrary commands. The flaw, discovered by Maxime Peterlin of ON-X, affects WNR2000v3, WNR2000v4, WNR2000v5 and R2000 routers. The company said the weakness can only be exploited by an attacker with access to the network hosting the device, or if the router has the remote management feature enabled. The patches are released by the company according to news published by security week.
Cyber Security Tips: Users are recommended to install the patches as soon as possible