Security Leftovers
-
Unicorn Media ☛ How to Not Fall Victim to LogoFAIL
You know that splash-screen logo that you see on your monitor for a few seconds every time you boot your computer? Well, it’s not your friend — or at least the parser that your computer’s UEFI uses to display it isn’t your friend — or maybe it’s your friend and maybe it’s not, depending on what kinda computer your using.
It seems there’s a bug out there that’s totally OS, and even silicon, agnostic — meaning it’s completely an equal opportunity destroyer no matter whether you’re running Linux or Windows, or whether your machine is built with Intel, AMD, Arm, or RISC-V inside. It’ll get you, and it’ll get you good — by taking advantage of an exploit that opens once during the boot process.
-
Unicorn Media ☛ Mitigating Android’s “AutoSpill”/Autofill Credentials Leak
Ya might’ve heard some of the brouhaha about about Android’s so-called AutoSpill Attack and how that’s put your passwords in danger of being stolen.
It turns out, according to Dan Goodin over at Ars Technica, that it’s not really an attack at all, nor is it really a vulnerability. What it is, is a danger for people who don’t think things through entirely when they use Android’s Autofill feature in conjunction with their password manager. In other words, using the Autofill feature with your password manager can be fine or can be very unfine, depending on what’s going on.
-
Hackaday ☛ 5Ghoul: The 14 Shambling 5G Flaws Used For Disruptive Attacks On Smartphones
A team of researchers from the ASSET Research Group in Singapore have published the details of a collection of vulnerabilities in the fifth generation mobile communication system (5G) used with smartphones and many other devices. These fourteen vulnerabilities are detailed in this paper and a PoC detailing an attack using a software defined radio (SDR) is provided on GitHub. The core of the PoC attack involves creating a malicious 5G base station (gNB), which nearby 5G modems will seek to communicate with, only for these vulnerabilities to be exploited, to the point where a hard reset (e.g. removal of SIM card) of the affected device may be required.
-
Security Week ☛ Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies
US, UK, and Poland warn of Russia-linked cyberespionage group’s broad exploitation of recent TeamCity vulnerability.
-
RFERL ☛ U.S. Officials Say Russian Hackers Targeting JetBrains Servers For Potential SolarWinds-Style Operations
U.S. officials say that Russian hackers are targeting servers hosting vulnerable software made by the Czech tech company JetBrains.