Cyber Security News (4th January 2018)

  1. Huge Flaw Found in Intel Processors; Patch Could Hit 5-30% CPU Performance

The New Year has only just started, and a massive vulnerability is already set to hit hundreds of millions of Windows, Linux, and Mac users worldwide. According to a published blog post, the core Linux kernel development team has prepared a critical kernel update without releasing much information about the vulnerability. Multiple researchers have confirmed that Intel processors (x86-64) have a severe hardware-level issue that could allow attackers to access protected kernel memory, which primarily includes information like passwords, login keys, and files cached from disk. The security patch implements kernel page-table isolation (KPTI), which moves the kernel into an entirely separate address space so that it stays protected and inaccessible from running programs and userspace. The fix therefore requires an update at the operating system level.

Cyber Security Tips: Patches have been released; users are strongly recommended to install them as soon as possible.
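For Linux hosts, one way to confirm that the KPTI patch described above is active after updating (an added example, not part of the original post). It assumes the kernel reports its status in `/sys/devices/system/cpu/vulnerabilities/meltdown` or lists the `pti` flag in `/proc/cpuinfo`; the function name `kpti_status` is hypothetical.

```shell
#!/bin/sh
# Classify the kernel's Meltdown/KPTI status from the files the kernel exposes.
# Both paths are optional arguments so the function can also be run against
# copies collected from other hosts.
# Prints one of: mitigated | not-affected | vulnerable | unknown
# Returns 0 when safe, 1 when vulnerable, 2 when the status cannot be determined.
kpti_status() {
    sysfs="${1:-/sys/devices/system/cpu/vulnerabilities/meltdown}"
    cpuinfo="${2:-/proc/cpuinfo}"
    line=""

    if [ -r "$sysfs" ]; then
        # The file holds a single status line written by the kernel.
        read -r line < "$sysfs" || true
        case "$line" in
            "Mitigation: PTI"*) echo "mitigated";    return 0 ;;
            "Not affected"*)    echo "not-affected"; return 0 ;;
            "Vulnerable"*)      echo "vulnerable";   return 1 ;;
            *)                  echo "unknown";      return 2 ;;
        esac
    fi

    # Fallback (assumption): a patched kernel without the sysfs file still
    # advertises page-table isolation as the "pti" CPU flag.
    if [ -r "$cpuinfo" ] && grep -m1 '^flags' "$cpuinfo" | grep -qw pti; then
        echo "mitigated"
        return 0
    fi

    # No evidence either way: treat as unverified rather than safe.
    echo "unknown"
    return 2
}
```

Calling `kpti_status` with no arguments checks the running host; an `unknown` result on a kernel that should be patched is worth investigating rather than ignoring.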

  2. Critical Flaw Reported In phpMyAdmin Lets Attackers Damage Databases

phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL and MariaDB. A critical security vulnerability has been reported in phpMyAdmin, one of the most popular applications for managing MySQL databases, which could allow remote attackers to perform dangerous database operations just by tricking administrators into clicking a link. The vulnerability, discovered by Indian security researcher Ashutosh Barot, is a cross-site request forgery (CSRF) flaw and affects phpMyAdmin versions 4.7.x. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables, etc.

Cyber Security Tips: Administrators and users are highly recommended to update their installations as soon as possible.

  3. Flaw In Major Browsers Allows 3rd-Party Scripts to Steal Your Saved Passwords

Browser-based password managers are designed for convenience: they automatically detect a login form on a webpage and fill in the saved credentials accordingly. Security researchers have uncovered how marketing companies have started exploiting an 11-year-old bug in browsers’ built-in password managers, which allows them to secretly steal your email address for targeted advertising across different browsers and devices. The loophole could allow a malicious party to steal your saved usernames and passwords from browsers without requiring your interaction. A team of researchers from Princeton’s Center for Information Technology Policy has discovered that at least two marketing companies, AdThink and OnAudience, are actively exploiting such built-in password managers to track visitors of around 1,110 of the Alexa top 1 million sites across the Internet.

Cyber Security Tips: To protect yourself from such attacks, disable the autofill function in your browser and avoid saving passwords in your browser.

  4. 15-Year-Old Apple macOS 0-Day Kernel Flaw Disclosed, Allows Root Access

A security researcher made public the details of an unpatched security vulnerability in Apple’s macOS operating system that can be exploited to take complete control of a system. The 15-year-old bug is a serious local privilege escalation (LPE) vulnerability that could enable an unprivileged user (attacker) to gain root access on the targeted system and execute malicious code. Malware designed to exploit this flaw could fully install itself deep within the system. Since the vulnerability only affects macOS and is not remotely exploitable, the researcher decided to dump his findings online instead of reporting them to Apple.

Cyber Security Tips: Users are strongly recommended to keep an eye on macOS updates and install them once released.

  5. Security Flaws in GPS Trackers Put Millions of Devices’ Data at Risk

A GPS tracking unit is a device, normally carried by a moving vehicle or person, that uses the Global Positioning System to determine and track its precise location, and hence that of its carrier, at intervals. According to research conducted by two security experts, Vangelis Stykas (@evstykas) and Michael Gruhn (@0x6d696368), location tracking devices are at risk and vulnerable to exploitation. These are versatile devices such as child or pet trackers, fitness monitoring gadgets and automobile trackers that work using GPS and GSM tracking capabilities. Services that offer photo and audio recording facilities are also on the list. According to the report, hundreds of GPS services are vulnerable, most of which use open APIs and weak passwords, such as 123456. This ignorance has led to a wide range of privacy issues, for instance direct tracking, while logged data is exposed due to open directories on these services. The attacker needs to exploit the default credentials of a device or weakly protected insecure direct object reference (IDOR) flaws in order to access personal information.

Cyber Security Tips: Users are strongly recommended to change default credentials to strong ones and keep their devices up-to-date.

  6. Kodi Chorus2 Users Vulnerable to Hacking

Kodi is one of the world’s most popular media streaming applications. It is used by around 38 million people around the globe. Many people use Chorus2 to remotely control a Kodi setup that is installed either on their computer or a set-top box. The convenient browser-based interface can be accessed from a user’s phone or tablet. The problem is caused by Kodi version 17’s popular remote control feature Chorus2. The ability to “hack” a Kodi system is due to Chorus2 being protected with the weak default password and username: “kodi”. If a Kodi system with Chorus2 is left with the default password, it is easy for hackers to access certain folders on the local network. According to Check Point (who discovered the vulnerability), approximately 200 million devices were at risk from the subtitle zero-day.

Cyber Security Tips: Users and administrators are strongly recommended to apply patches as soon as possible, avoid storing personal videos in Kodi folders, change the default Kodi password and keep all media players up-to-date.
