Latest Breaking News On - Industry consortium for advancement of security - Page 1 : comparemela.com
Samer Salam | InformIT
informit.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from informit.com Daily Mail and Mail on Sunday newspapers.
Petar Radanliev | InformIT
informit.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from informit.com Daily Mail and Mail on Sunday newspapers.
Patched Wi-Fi Vulnerabilities Posed Risks to All Users
bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.
By Ry Crozier on May 13, 2021 7:24AM FragAttacks detailed after nine months of behind-the-scenes work.
A security researcher has uncovered 12 vulnerabilities in the 802.11 wi-fi standard that are said to affect “every wi-fi product” in some way, with major vendors starting to release firmware updates.
The flaws have all been assigned Common Vulnerabilities and Exposures (CVE) identifiers, and the researcher that uncovered them, Mathy Vanhoef, grouped them as fragmentation and aggregation attacks, or ‘FragAttacks’.
“An adversary that is within radio range of a victim can abuse these vulnerabilities to steal user information or attack devices,” Vanhoef wrote. The biggest risk in practice is likely the ability to abuse the discovered flaws to attack devices in someone s home network. For instance, many smart home and internet-of-things devices are rarely updated, and wi-fi security is the last line of defence that prev
The flaw, tracked as CVE-2021-31207, is present in the same platform that was at the heart of a devastating supply chain attack earlier in the year, although it hasn’t yet been exploited by cyber criminals. It’s described as a security feature bypass flaw and was discovered as part of last month’s Pwn2Own contest.
This has been fixed alongside two other zero-day vulnerabilities. These are an elevation of privilege flaw in .NET and Visual Studio, tagged CVE-2021-31204, and a remote code execution flaw in Microsoft s Common Utilities component, tagged CVE-2021-31200.
Adobe fixes Reader bug under attack