Technology A security researcher found Wi-Fi vulnerabilities that have existed since the beginning

04:55  13 may  2021
04:55  13 may  2021 Source:   theverge.com

Microsoft breach ramps up pressure on Biden to tackle cyber vulnerabilities

  Microsoft breach ramps up pressure on Biden to tackle cyber vulnerabilities The Biden administration is coming under increasing pressure to address U.S. cybersecurity vulnerabilities following the Microsoft breach that has quickly been viewed as a massive threat to the U.S.Officials are still trying to wrap their heads around the extent of the cyberattack more than two weeks after the U.S. tech giant announced it was hit.Complicating matters is the fact that the breach comes as the administration continues to gauge the widening fallout of what has become known as the SolarWinds hack. The two incidents, likely linked to nation-state activity, are painting a grim picture of the cybersecurity threats facing U.S.

The security researcher who discovered the Krack Wi-Fi vulnerability has discovered a slew of other flaws with the wireless protocol most of us use to power our online lives (via Gizmodo). The vulnerabilities relate to how Wi-Fi handles large chunks of data, with some being related to the Wi-Fi standard itself, and some being related to how it’s implemented by device manufacturers.

a traffic light © Illustrator by Alex Castro / The Verge

The researcher, Mathy Vanhoef, calls the collection of vulnerabilities “FragAttacks,” with the name being a mashup of “fragmentation” and “aggregation.” He also says the vulnerabilities could be exploited by hackers, allowing them to intercept sensitive data, or show users fake websites, even if they’re using Wi-Fi networks secured with WPA2 or even WPA3. They could also theoretically exploit other devices on your home network.

VMware patches critical vRealize Operations platform vulnerabilities

  VMware patches critical vRealize Operations platform vulnerabilities Administrator credentials could be stolen by exploiting the bugs.vRealize Operations is described as an artificial intelligence (AI)-based platform that provides "self-driving IT operations management for private, hybrid, and multi-cloud environments.

There are twelve different attack vectors that fall under the classification, which all work in different ways. One exploits routers accepting plaintext during handshakes, one exploits routers caching data in certain types of networks, etc. If you want to read all the technical details on how exactly they work, you can check out Vanhoef’s website.

According to The Record, Vanhoef informed the WiFi Alliance about the vulnerabilities that were baked-in to the way Wi-Fi works so they could be corrected before he disclosed them to the public. Vanhoef says that he’s not aware of the vulnerabilities being exploited in the wild. While he points out in a video that some of the vulnerabilities aren’t particularly easy to exploit, he says others would be “trivial” to take advantage of.

Zero-day vulnerabilities in SonicWall email security are being actively exploited

  Zero-day vulnerabilities in SonicWall email security are being actively exploited The vendor is urging customers to apply patches immediately.In a security alert on Tuesday, the US company said fixes have been published to resolve three critical issues impacting "hosted and on-premises email security products.

Vanhoef points out that some of the flaws can be exploited on networks using the WEP security protocol, indicating that they’ve been around since Wi-Fi was first implemented in 1997 (though if you’re still using WEP, these attacks should be the least of your concerns).

Vanhoef says that the flaws are wide-spread, affecting many devices, meaning that there’s a lot of updating to do.

The thing about updating Wi-Fi infrastructure is that it’s always a pain. For example, before writing this article I went to check if my router had any updates, and realized that I had forgotten my login information (and I suspect I won’t be alone in that experience). There’s also devices that are just plain old, whose manufacturers are either gone or not releasing patches anymore. If you can, though, you should keep an eye on your router manufacturer’s website for any updates that are rolling out, especially if they’re in the advisory list.

ISC urges updates of DNS servers to wipe out new BIND vulnerabilities

  ISC urges updates of DNS servers to wipe out new BIND vulnerabilities The security flaws could lead to remote exploitation.This week, the organization said the vulnerabilities impact ISC Berkeley Internet Name Domain (BIND) 9, widely used as a DNS system and maintained as an open source project.

Some vendors have already released patches for some of their products, including:

  • Microsoft
  • Eero
  • Aruba
  • Cisco
  • Ruckus
  • Intel
  • Juniper
  • Lancom
  • Lenovo
  • Linux Wireless
  • Mist
  • Netgear
  • Samsung
  • Synology
  • Zyxel

As for anything else you need to do, Vanhoef recommends the usual steps: keep your computers updated, use strong, unique passwords, don’t visit shady sites, and make sure you’re using HTTPS as often as possible. Other than that, it’s mostly being thankful that you’re not in charge of widespread IT infrastructure (my deepest condolences if you, in fact, are).

GitHub: Here's how we're changing our rules around malware and software vulnerability research .
Microsoft's GitHub updates policies to better support researchers working on tools that can be used both to help and harm networks.It admits the language it previously used was "overly broad".

usr: 2
This is interesting!