Router Network Isolation Broken By Covert Data Exfiltration

Posted by & filed under Security Alerts.

Software-based network isolation provided by routers is not as efficient as believed, as hackers can smuggle data between the networks for exfiltration. Most modern routers offer the possibility to split the network into multiple segments that work separately. One example is a guest network that works in parallel with the host. The boundary insulates sensitive… Read more »

4G Router Vulnerabilities Let Attackers Take Full Control

Posted by & filed under Security Alerts.

Multiple vulnerabilities were found by security researchers in 4G routers manufactured by several companies, with the flaws exposing users to information leaks and command execution attacks. Pen Test Partners researcher ‘G Richter’ shared the flaws found in 4G devices during this year’s DEF CON hacking conference, saying that “a lot of existing 4G modems and routers are… Read more »

Over 40 Drivers Could Let Hackers Install Persistent Backdoor On Windows PCs

Posted by & filed under Security Alerts.

If you own a device, or a hardware component, manufactured by ASUS, Toshiba, Intel, NVIDIA, Huawei, or other 15 other vendors listed below, you’re probably in a bad situation. A team of security researchers has discovered high-risk security vulnerabilities in more than 40 drivers from at least 20 different vendors that could allow attackers to… Read more »

Microsoft Operating Systems BlueKeep Vulnerability

Posted by & filed under Security Alerts.

Microsoft announced that a vulnerability in Remote Desktop Services was discovered that could allow a wormable malware, such as a ransomware, to easily propogate through vulnerable systems. This vulnerability, now known as BlueKeep, was given the unique ID of CVE-2019-0708 and affects Windows 7, Windows 2008 R2, Windows Server 2008, Windows XP, and Windows Server… Read more »

New Speculative Execution Flaw Affects All Modern Intel CPUs (SWAPGS Attack)

Posted by & filed under Security Alerts.

A new variant of the Spectre (Variant 1) side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned. Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged… Read more »