Cyber Security

Cable Haunt RCE vulnerability exposes millions of modems to exploitation

Researchers have disclosed the discovery of a critical remote code execution vulnerability in millions of Broadcom cable modems, including about 200 million in Europe alone.

Named Cable Haunt, the flaw consists of a combination of “lack of proper authorization of the web-socket client, default credentials and a programming error in the spectrum analyzer” component of the modems, according to a web site and technical paper published by the four researchers.

The same bug wound up in so many different models of modem because the error actually originated in popular reference software that numerous modem manufacturers copied when coding their own firmware. Unfortunately, this also makes it difficult to pinpoint the precise number of affected brands and models.

Attackers can reportedly exploit the WebSocket flaw to remotely access an endpoint on the modem that serves the spectrum analyzer. They can then use JavaScript code running in the browser to trigger a buffer overflow, which allows them to execute arbitrary code at the kernel level. At that point, the malicious actors would be capable of a wide range of nefarious activity, including changing the default DNS server and reconfiguring other key settings, conducting man-in-the-middle attacks to intercept private messages, redirecting traffic, and recruiting the modem into a botnet.

According to the researchers’ web page, Cable Haunt “can give an attacker full remote control over the entire unit, and all the traffic that flows through it, while being invisible for both the user and ISP and able to ignore remote system updates.”

Credit for the discovery goes to Alexander Krog, Jens Stærmose and Kasper Terndrup of the Danish cybersecurity firm Lyrebirds ApS, and independent Danish researcher Simon Sillesen. The primary vulnerability is designated CVE-2019-19494, while a second similar vulnerability, CVE-2019-19495, applies only to a DNS rebinding flaw found in the web interface of the Technicolor TC7230 STEB 01.25 cable modem.

A full inventory of modems that are confirmed to be affected is available on the Cable Haunt web page. These include the Arris Surfboard SB8200, Arris Surfboard CM8200A, Arris Surfboard SB6183, Cisco EPC3928AD, COMPAL 7284E, COMPAL 7486E, Humax HGB10R-02, Netgear C6250EMR, Netgear CG3700EMR, Netgear CM1000, Netgear CM600, Sagemcom F@st 3890, Sagemcom F@st 3686, Technicolor TC7230, Technicolor TC4400, Technicolor 7300 and Technicolor TC7200.

The researchers said they contacted as many of the modem manufacturers as they could in advance of publicly disclosing the issue, as well as ISP companies that distribute the modems. “Some of the contacted ISPs have informed us that they have or are rolling out firmware updates; however, we are still missing updates from several,” the researchers said on the website. Additionally, the researchers have developed a proof-of-concept exploit and a script that tests whether a user’s modem is vulnerable.

Republished from https://www.scmagazine.com/home/security-news/vulnerabilities/cable-haunt-rce-vulnerability-exposes-millions-of-modems-to-exploitation/

Russian hackers steal Prince Harry and Meghan Markle photos via Cyber Attack

According to the biography ‘Finding Freedom’, Russian hackers reportedly stole 100s of photos and videos related to the marriage of the Duke and Duchess of Sussex, including some snaps related to the Queen of Britain.

Authored by Omid Scobie and Carolyn Durand, the biography gives details on why Prince Harry chose to leave royal life to lead a quiet life in the United States along with his newborn son ‘Archie’ Harrison Mountbatten Windsor and wife Meghan Markle.

As for the data leak, the breach is a wake-up call to the entire world on how hackers can invade the personal lives of celebrities without their knowledge and create havoc thereafter.

Cybersecurity Insiders has learnt that the stolen photos were related to the wedding photographer Alexi Lubomirski, hired to digitally capture the wedding of the Duke and Meghan in May ’18. Around 200 photos related to the Prince’s wedding were stolen by a computer programmer based in Russia, many of which were ‘outtakes’ meant to be sent to the computer trash can.

The biography specifies that the memorabilia were siphoned from a cloud account owned by the wedding photographer and include pictures taken by Harry and Meghan along with the Queen at the wedding.

A photo sharing website named Tumblr is seen displaying a few of the stolen pictures possibly leaked by the hacker. 

An inquiry into the data breach and leakage of wedding photos was launched by law enforcement in Britain after it received an official complaint from the authorities at the Queen’s palace.

Note: In June 2019, hackers somehow managed to infiltrate the personal computer of the New York-based fashion photographer Alexi Lubomirski, well-known in the fashion community of London for digitally capturing the lives of Scarlett Johnson, Jennifer Lopez, Britney Spears, Natalie Portman on many occasions/events.

Source: https://www.cybersecurity-insiders.com/russian-hackers-steal-prince-harry-and-meghan-markle-photos-via-cyber-attack/?utm_source=rss&utm_medium=rss&utm_campaign=russian-hackers-steal-prince-harry-and-meghan-markle-photos-via-cyber-attack

Texas School District experiences DDoS Cyber Attack

On the very first day of virtual learning, a Texas school district has made it official that it became a victim of a cyber attack that disrupted virtual classes for 48 minutes. However, the good news is that the IT staff of the school district was swift enough to thwart the denial-of-service cyber attack, neutralizing its repercussions to the full extent.

The school district in question is based in the city of Humble, Texas, United States, and is known as ‘The Humble Independent School District (Humble ISD)’.

Liz Celania-Fagan, the Superintendent of Humble ISD, has confirmed the incident via Twitter and informed the world that the virtual classes that were impacted by the cyber incident were back online after a break of nearly an hour.

Liz mentioned in her statement that all those students who were logged into the classes via their student Gmail accounts might not be able to log into their student email accounts until the incident is technically resolved.

Note: A denial-of-service attack, aka distributed denial-of-service attack, is launched through botnets that aim to shut down a computer network by bombarding it with fake web traffic.

Meanwhile, the Federal Bureau of Investigation (FBI) has issued a nationwide alert that all school districts planning virtual classes for this academic year should take adequate cybersecurity measures, as there is a high possibility that their servers might be targeted by ransomware.

“As many of the K-12 schools are planning virtual classes from September, it makes them vulnerable to cyber attacks such as ransomware,” says Corey Harris, a special agent of the FBI.

There is a good chance that hacking groups might be after social security numbers and other faculty or staff info, added Harris.

Hopefully, the CIOs or CTOs of school districts have taken note of the ransomware alert issued by the FBI targeting K-12 schools.

Source: https://www.cybersecurity-insiders.com/texas-school-district-experiences-ddos-cyber-attack/?utm_source=rss&utm_medium=rss&utm_campaign=texas-school-district-experiences-ddos-cyber-attack

Digital signatures security explained

[ This article was originally published here ]

This blog was written by an independent guest blogger.

Digital signatures have been around for decades, but recent events have put them back in the spotlight. They were heralded as the future of cybersecurity as far back as 1999, but in the intervening years came to be somewhat taken for granted by security engineers. Not any longer: the massive move to home working precipitated by the Covid-19 pandemic has forced many to take a fresh look at the security value of digital signatures, why they matter, and their relationship to encryption.

We thought we’d do the same. In this article, we’ll give you a refresher course on how digital signatures work, why they are important for security, and what the future holds.

How do digital signatures work?

Digital signatures, at the most fundamental level, are mathematical algorithms used to validate the authenticity and integrity of an electronic message….

Posted by: Bernard Brode

Source: https://www.cybersecurity-insiders.com/digital-signatures-security-explained/?utm_source=rss&utm_medium=rss&utm_campaign=digital-signatures-security-explained
