Forwarded from TechToday News
#Vulnerability #Hack #Hardware #Network #Article
Remotely compromise devices by using bugs in Marvell Avastar Wi-Fi: from zero knowledge to zero-click RCE
With this research, I’m going to answer the question that has had to be answered for quite a time: to what extent is Marvell WiFi FullMAC SoC (not) secure. Since the wireless devices with the analyzed chip aren’t fully researched by the community yet, they may contain a tremendous volume of unaudited code, which may result in severe security issues swarming devices equipped with WLAN cards. At the outset, I should mention that this article is based on the info I presented during my ZeroNights 2018 talk. So, feel free to have a look at the original slides here There are also some notable researches on the subject of wireless SoC security. For example, Google Project Zero published a series of blog posts starting in April 2017 describing exploitation of Broadcom Wi-Fi stack on smartphones. This topic was also discussed at theBlackHat 2017 conference. Some smartphone baseband exploits write-ups might help understand the techniques used to reverse engineer firmware of wireless SoC.
https://embedi.org/blog/remotely-compromise-devices-by-using-bugs-in-marvell-avastar-wi-fi-from-zero-knowledge-to-zero-click-rce/
Remotely compromise devices by using bugs in Marvell Avastar Wi-Fi: from zero knowledge to zero-click RCE
With this research, I’m going to answer the question that has had to be answered for quite a time: to what extent is Marvell WiFi FullMAC SoC (not) secure. Since the wireless devices with the analyzed chip aren’t fully researched by the community yet, they may contain a tremendous volume of unaudited code, which may result in severe security issues swarming devices equipped with WLAN cards. At the outset, I should mention that this article is based on the info I presented during my ZeroNights 2018 talk. So, feel free to have a look at the original slides here There are also some notable researches on the subject of wireless SoC security. For example, Google Project Zero published a series of blog posts starting in April 2017 describing exploitation of Broadcom Wi-Fi stack on smartphones. This topic was also discussed at theBlackHat 2017 conference. Some smartphone baseband exploits write-ups might help understand the techniques used to reverse engineer firmware of wireless SoC.
https://embedi.org/blog/remotely-compromise-devices-by-using-bugs-in-marvell-avastar-wi-fi-from-zero-knowledge-to-zero-click-rce/
Forwarded from TechToday News
#Hack #Security #Router #Report
EternalSilence: Why your router may be at risk from this NSA tool
Do you trust your router to keep you safe from hackers and spies? You may want to take another look just to make sure.
Akamai recently discovered a malware campaign that has already compromised over 45,113 home and office routers. This was done using a tool based on the United States of America’s NSA hacking tools which were leaked online in 2017. To explain how hackers use this tool to turn your router into a proxy server, we first have to understand how UPnP works.
https://www.securityartwork.es/2019/01/14/eternalsilence-why-your-router-may-be-at-risk-from-this-nsa-tool/
EternalSilence: Why your router may be at risk from this NSA tool
Do you trust your router to keep you safe from hackers and spies? You may want to take another look just to make sure.
Akamai recently discovered a malware campaign that has already compromised over 45,113 home and office routers. This was done using a tool based on the United States of America’s NSA hacking tools which were leaked online in 2017. To explain how hackers use this tool to turn your router into a proxy server, we first have to understand how UPnP works.
https://www.securityartwork.es/2019/01/14/eternalsilence-why-your-router-may-be-at-risk-from-this-nsa-tool/
Security Art Work
EternalSilence: Why your router may be at risk from this NSA tool - Security Art Work
Today’s article is courtesy of John Mason, co-founder of TheBestVPN.com and writer at Tripwire, StaySafeOnline, DigitalGuardian y Educause. You can find him on twitter as @JohnCyberMason. Do you trust your router to keep you safe from hackers and spies?…
Forwarded from TechToday News
#Vulnerability #Router #Network #Article
UPnP, Vulnerability As A Feature That Just Won’t Die
UPnP — in a perfect world it would have been the answer to many connectivity headaches as we add more devices to our home networks. But in practice it the cause of a lot of headaches when it comes to keeping those networks secure.
It’s likely that many Hackaday readers provide some form of technical support to relatives or friends. We’ll help sort out Mom’s desktop and email gripes, and we’ll set up her new router and lock it down as best we can to minimise the chance of the bad guys causing her problems. Probably one of the first things we’ll have all done is something that’s old news in our community; to ensure that a notorious vulnerability exposed to the outside world is plugged, we disable UPnP on whatever cable modem or ADSL router her provider supplied.
https://hackaday.com/2019/01/14/upnp-vulnerability-as-a-feature-that-just-wont-die/
UPnP, Vulnerability As A Feature That Just Won’t Die
UPnP — in a perfect world it would have been the answer to many connectivity headaches as we add more devices to our home networks. But in practice it the cause of a lot of headaches when it comes to keeping those networks secure.
It’s likely that many Hackaday readers provide some form of technical support to relatives or friends. We’ll help sort out Mom’s desktop and email gripes, and we’ll set up her new router and lock it down as best we can to minimise the chance of the bad guys causing her problems. Probably one of the first things we’ll have all done is something that’s old news in our community; to ensure that a notorious vulnerability exposed to the outside world is plugged, we disable UPnP on whatever cable modem or ADSL router her provider supplied.
https://hackaday.com/2019/01/14/upnp-vulnerability-as-a-feature-that-just-wont-die/
Hackaday
UPnP, Vulnerability As A Feature That Just Won’t Die
UPnP — in a perfect world it would have been the answer to many connectivity headaches as we add more devices to our home networks. But in practice it the cause of a lot of headaches when it …
Forwarded from Макс | Нейросети и ресурсы для дизайнера в @u_pre
Это где такое взять посмотреть можно? Хочу себя поискать
Forwarded from Макс | Нейросети и ресурсы для дизайнера в @u_pre
Или где прочекать свою почту?
Forwarded from Alex
Слушайте, сейчас готовлю ноут для человека. Какой браузер сейчас самый менее жручий в плане памяти?
Forwarded from Deleted Account
Слим джет тоже не плох
https://www.slimjet.com/ru/
https://www.slimjet.com/ru/
Slimjet
Просматривайте сайты без рекламы с помощью самого быстрого веб-браузера в мире — Slimjet
Надоела вся эта раздражающая реклама? С удовольствием просматривайте чистый Интернет без рекламы на сумасшедшей скорости с помощью самого быстрого веб-браузера в истории.
Forwarded from Deleted Account
Ну и как вариант Слим браузер от тех же разработчиков
https://www.slimbrowser.net/ru/
https://www.slimbrowser.net/ru/
www.slimbrowser.net
SlimBrowser - fast and secure web browser for Windows.
Лучшая программа-браузер - быстро, надежно и БЕСПЛАТНО - Загрузить SlimBrowser БЕСПЛАТНО
Forwarded from Alex
@Eddi_Crash Вот прям огромное спасибо ) кажется даже я слимджет захотел погонять )
Forwarded from Artem
TJ
Вас заметили
«Рокетбанк» против «Тинькофф».
Forwarded from Artem
Кому тут живой музыки в пятницу отгрузить? Забирайте...
https://www.youtube.com/channel/UC9myQPdENBPFwAB87Z3JfIg
https://www.youtube.com/channel/UC9myQPdENBPFwAB87Z3JfIg
YouTube
NATALYA OBUKHOVA
Канал триумфально закрыт.
Closed.
Closed.
Forwarded from TeleBot
Привет! Вот новый динамический прокси tg://proxy?server=gg.proxy4free.club&port=8443&secret=dd9c8b6055bfa54133c980bf949495d258 он не боится блокировки. Пользуйтесь!)
Forwarded from Cool Admin
Отличный сервис со списками заблокированного в РФ https://antifilter.download
Forwarded from 𝐕𝐚𝐧𝐞𝐬 𝐒𝐦𝐢𝐫𝐧𝐨𝐯
Кто может помочь с макросом на VBA? В Excel исследование провожу, есть готовый на 40 человек, надо расширить до 100