1. New Bluetooth Hack Affects Millions of Devices from Major Vendors
A highly critical cryptographic vulnerability has been found affecting some Bluetooth implementations that could allow an unauthenticated, remote attacker in physical proximity of targeted devices to intercept, monitor or manipulate the traffic they exchange.
The Bluetooth hacking vulnerability, affects firmware or operating system software drivers from some major vendors including Apple, Broadcom, Intel, and Qualcomm, while the implication of the bug on Google, Android and Linux are still unknown.
Cyber Security Tips:
- To fix the issue, the Bluetooth SIG has now updated the Bluetooth specification to require products, Users are recommended to install patches from vendors.
2. Google Chrome to Show Not Secure For HTTP Sites and Fix for 42 Security Issues
With the release of Chrome 68, Google to mark all the HTTP sites as “not secure” which makes easier for the user to know whether their personal information is safe as it travels across the network. Also, the update includes 42 security fixes.
Anything that sent over HTTP is not secured, the data sent between the browser and the server is unencrypted which allow an attacker to launch a man-in-the-middle attack and steal your sensitive data such as credentials, credit card info and personal information.
The Chrome’s “not secure” warning helps the user to understand the connection to the site is not safe and also prompt the site’s owner to improve the site security.
Cyber Security Tips :
- Users are Recommended to upgrade Google Chrome browser with chrome 68 Version to avail this feature.
3. Apache Tomcat Patches Important Security Vulnerabilities
Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications like Java Servlet, JavaServer Pages (JSP), Expression Language, and WebSocket, and provides a “pure Java” HTTP web server environment for Java concept to run in.
The Apache Software Foundation (ASF) has released security updates to address several vulnerabilities in its Tomcat application server, The Vulnerabilities ewhich has been exposed ar as follows:
- Information Disclosure Vulnerability
- Denial of Service (DoS) Vulnerability
A remote attacker could exploit one of these vulnerabilities to obtain sensitive information.
Cyber Security Tips :
- IT Persons are strongly recommended to apply the software updates as soon as possible.
Administrators are advised to allow only trusted users to have network access as well as monitor affected systems.
4. IBM fixes flaw that let hackers replace its serverless code with their own
Experts at IBM (The International Business Machines Corporation) have patched a critical vulnerability in its Cloud Functions which if exploited could allow remote malicious hackers to replace company’s serverless code with their own.
Once the changes took effect, hackers could have extracted sensitive customer data including login credentials, credit card numbers, delete or modify data, conducting distributed denial-of-service (DDoS) attacks, and even use the server to mine cryptocurrencies.
The vulnerability is the first publicly-disclosed one in a serverless platform.
IBM has patched the vulnerability before it could be exploited.
5. Israel looking to work with India on cyber security
As dozens of official websites, including those of defence and home ministries, were hit by cyber hacking two months ago, Israel has sought to support and collaborate with Indian agencies to prevent such attacks in the future.
Israel, which has some 400 cyber companies and accounts for eight per cent of global cyber exports, is planning to collaborate with the Indian government and agencies, given the kind of threat in the virtual world.
Indian agencies are also trying their best to protect state secrets from anti-national elements across the world.