Tag Archives: Sundown

10Fold- Security Never Sleeps- 150

Researcher Says 9 in 10 Smart TVs Vulnerable to Broadcast-based Attacks

“However attack maybe challenging”

Security researchers at Columbia have been able to demonstrate the vulnerability of many Smart TV’s and other internet connectivity-capable devices three years ago, a finding mirrored by current investigations into IoT security. While over 90 percent of these popular new devices may be vulnerable, researchers give a sense of relief in citing hat that the hacking and remote control of them may be quite difficult to accomplish.

‘Serious data breach’ as MPs’ staff names and salaries posted online

“IPSA investigation underway”

The Independent Parliamentary Standards Authority (IPSA) has initiated an investigation on the wrongful release of the sensitive information of many of member of parliaments staffers. The IPSA has commented on the incident, regarding it as a ‘”serious data breach.”

‘Sundown’ Rises as New Threat in Depleted Exploit Kit Landscape

“A few kits remain hostile”

After the arrest of several dozen individuals in Russia that were believed to be associated with Angler EK last year, exploit kits have been significantly on the decline. Several remain active, however, including Sundown. Sundown is an exploit that was until recently considered relatively unimportant, however increased usage and sophistication have proved to increase the threat level over time.

UEFI Vulnerabilities Found in Gigabyte Mini PCs

“Backdoor installations capable of exploitation”

Security firm Cylance has recently released details of two UEFI vulnerabilities that may be potentially hazardous in Gigabyte BRIX mini PC’s. Firmare updates have also been announced in order to combat the flaws.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 131

Beyond the CES Hype: No Easy Fixes for Security and Privacy Woes

“No ease for privacy concerns at tech conference”

Despite all the fancy new technology products showcased at the CES conference there was little reassurance of the security of currently existing ones. Experts have reached near consensus that software vulnerabilities in many internet connected consumer devices can be relatively easy to exploit by hackers due to weak security features.

Dangerous assumptions that put enterprises at risk

“Internet providers do not cover preventative measures as expected”

Kaspersky Lab surveys have found that nearly 40 percent of tech companies do not put adequate security measures in place due to the belief that internet service providers will pick up the slack on features that block hackers and cyber thieves. Consumers seem to be in the same boat, with about one-in-three believing their ISP data centers provide adequate protections.

Edge Exploits Added to Sundown EK

“Security holes apparently exploitable by remote hackers”

Those responsible for maintaining the Sundown exploit kit have begun using Microsoft Edge security flaws as a Proof of Concept exploit. The CVE-2016-7200 and CVE-2016-7201 flaws, patched by Microsoft in November of 2016, are described as memory holes that that are corrupted by the way Chakra JavaScript handles code.