Having become one of the most widespread cyber threats, ransomware-class malware has as its main objective “holding hostage” the important files on the hard disk behind an encryption algorithm and demanding payment of a sum of money for their recovery, usually by handing over the encryption key originally used.
Unfortunately, paying the requested amount before the deadline imposed by the attackers does not guarantee that the data will subsequently be recovered, as found out by users of PCs running macOS that were attacked with a new form of ransomware called “Patcher”, spread through BitTorrent sites and disguised as Cracking Tool applications used for the fraudulent activation of the Adobe Premiere Pro and Microsoft Office for Mac packages.
The proof-of-concept exploit uses a low-cost transmitter to embed malicious commands into a rogue TV signal.
That signal is then broadcast to nearby devices. It worked against two fully updated TV models made by Samsung.
By exploiting two known security flaws in the Web browsers running in the background, the attack was able to gain highly privileged root access to the TVs.
By revising the attack to target similar browser bugs found in other sets, the technique would likely work on a much wider range of TVs.
[...]
Once a hacker has control over the TV of an end user [...] the TV could be used to attack further devices in the home network or to spy on the user with the TV’s camera and microphone.
What a surprise.
This is why I have a stupid TV, and when I upgrade I will get a stupid TV again. A TV should have the best panel and that's it.
CVE-2017-7494: All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Update VLC to 2.2.5.1 quickly. And Kodi and PopcornTime too, on whatever platforms you use them.
Although the Mac version is not explicitly mentioned, the subtitle parser is shared. If the payload targets macOS you won't see a password prompt; VLC is the one that executes the code in the payload.
By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io.
Damage: By conducting attacks through subtitles, hackers can take complete control over any device running them. From this point on, the attacker can do whatever he wants with the victim’s machine, whether it is a PC, a smart TV, or a mobile device. The potential damage the attacker can inflict is endless, ranging anywhere from stealing sensitive information, installing ransomware, mass Denial of Service attacks, and much more.
Platforms Update:
PopcornTime – Created a fixed version, however it is not yet available to download on the official website.
The fixed version can be manually downloaded via the following link: https://ci.popcorntime.sh/job/Popcorn-Time-Desktop/249
Kodi – Officially fixed and available to download on their website. Link: https://kodi.tv/download
VLC – Officially fixed and available to download on their website.
Link: http://get.videolan.org/vlc/2.2.5.1/win32/vlc-2.2.5.1-win32.exe
In the demo below we see the subtitles essentially activating a TinyVNC connection with the attacker’s machine, allowing full access for the desktop.
Inhale a mouthful of helium and quickly say “Hey Siri”.
Voice-controlled assistants by Amazon, Apple and Google [...] responded to commands broadcast at high frequencies that can be heard by dolphins but are inaudible to humans.
They were able to make smartphones dial phone numbers and visit rogue websites.
There’s a bug in the widely used Apache Web Server that causes servers to leak pieces of arbitrary memory in a way that could expose passwords or other secrets.
Interestingly, the bug was first identified in 2014. Why it’s only now being patched is unclear.
Without root privileges, if the user is logged in, I can dump and exfiltrate the keychain, including plaintext passwords. Normally you are not supposed to be able to do that programmatically.
Now let's see how much Uncle Tim cares about the people who use Macs to make money with them, and not just about the Instagrammers who have the latest model with the latest OS - for how many versions of OS X back will he produce the patch?