Intel chip vulnerability lets hackers easily hijack fleets of PCs

Security researchers say exploiting the vulnerability requires little technical expertise, and can result in a hacker taking full control of an affected PC.

A vulnerability in Intel chips that went undiscovered for almost a decade allows hackers to remotely gain full control over affected Windows PCs without needing a password.

The “critical”-rated bug, disclosed by Intel last week, lies in a feature of Intel’s Active Management Technology (more commonly known as just AMT), which allows IT administrators to remotely carry out maintenance and other tasks on entire fleets of computers as if they were there in person, like software updates and wiping hard drives. AMT also allows the administrator to remotely control the computer’s keyboard and mouse, even if the PC is powered off. …

Source: Intel chip vulnerability lets hackers easily hijack fleets of PCs


Brickerbot Shows Why We Need a Secured IoT

There’s a new malware which is destroying IoT devices.

A security researcher at cybersecurity company Radware has discovered new malware. This malware, dubbed Brickerbot, is not your typical malware. It’s not trying to steal your information or take control of your device; it just wants to break it.

The malware works much like the Mirai botnet that took down much of the internet last year. It searches the internet for vulnerable IoT devices running embedded versions of Linux. Once it finds one, it carries out a “permanent denial of service” attack, which bricks the device altogether. …

Luckily, someone is working to change this. It was just earlier this month that John Chen wrote, “‘Is a securely connected world really possible?’ Yes it is and, not only is it possible, it is a category that BlackBerry is bringing definition to and providing leadership in. We recognize that security is a cat and mouse game, requiring constant investment and innovation and that is what we do, day in, day out.”

Source: Brickerbot Shows Why We Need a Secured IoT – UTB Blogs


Hackers Delight When Businesses Get Lax on Security

Randell Heath isn’t sure how hackers got into his company’s website — all he knows is a supplier called, saying the site had become an online store selling Viagra and Cialis.

The problem might have been at the company that hosts the site. It might have been that Heath’s passwords weren’t strong enough. But the invasion taught Heath a lesson that computer experts say many small business owners still need: Keeping your company’s computers and online sites safe isn’t a one-time operation, but requires continual vigilance as new kinds of attacks emerge. …

The chances of a small business being invaded, of having computers, smartphones, tablets and even bank accounts hacked because of poor cybersecurity, are rapidly growing. And some of the very things small businesses are encouraged to do to make themselves more visible, like having blogs, can also make them more vulnerable. …

Source: Hackers Delight When Businesses Get Lax on Security


A simple command allows the CIA to commandeer 318 models of Cisco switches

Bug relies on telnet protocol used by hardware on internal networks.

Cisco Systems said that more than 300 models of switches it sells contain a critical vulnerability that allows the CIA to use a simple command to remotely execute malicious code that takes full control of the devices. There currently is no fix.

Cisco researchers said they discovered the vulnerability as they analyzed a cache of documents that are believed to have been stolen from the CIA and published by WikiLeaks two weeks ago. The flaw, found in at least 318 switches, allows remote attackers to execute code that runs with elevated privileges, Cisco warned in an advisory published Friday. …

Source: A simple command allows the CIA to commandeer 318 models of Cisco switches


Patch Apache Struts 2 Now! Hackers are exploiting a remote code execution zero-day in the wild

Security researchers have spotted a remote code execution zero-day, tracked as CVE-2017-5638, in Apache Struts 2, and the bad news is that threat actors in the wild are already exploiting it.

According to experts from Cisco Talos, the flaw affects the Jakarta-based file upload Multipart parser in Apache Struts 2, and sysadmins need to urgently apply the security upgrade. CVE-2017-5638 is documented at Rapid7’s Metasploit Framework GitHub site, and attackers in the wild are exploiting publicly available PoC code that triggers the issue. …

Source: Patch Apache Struts 2 Now! Hackers are exploiting a remote code execution zero-day in the wild
