Comprehensive Software Reviews to make better IT decisions
Kr00k Wi-Fi Vulnerability Leads to Widespread Concerns
There is a vulnerability at the layer 2 Wi-Fi encryption level called Kr00k (formally CVE-2019-15126 in the NIST National Vulnerability Database) affecting Broadcom and Cypress Semiconductor Wi-Fi devices.
Broadcom and Cypress Wi-Fi technology are two of the most popular wireless chip technologies in the market, prevalent in mobile phones, laptops, wireless access points, and internet of things (IoT) devices. Both PC and MacOS devices are reported as subject to this bug.
Researchers from antivirus vendor ESET, who discovered the vulnerability, presented their findings at the RSA Conference 2020.
“Kr00k manifests itself after Wi-Fi disassociations – which can happen naturally, for example due to a weak Wi-Fi signal, or may be manually triggered by an attacker,” said lead ESET researcher Miloš Cermák. “If an attack is successful, several kilobytes of potentially sensitive information can be exposed. By repeatedly triggering disassociations, the attacker can capture a number of network packets with potentially sensitive data.”
Exploit of the vulnerability can occur when Wi-Fi devices disassociate with their WLAN access points, a common occurrence in weak signal scenarios and is usually corrected automatically by the Wi-Fi hardware and WLAN protocols.
Data leak is always of concern to corporate IT departments.Many manufacturers have released patches that should be applied on all devices at the infrastructure and endpoint levels. Consult with your hardware vendors to determine if a patch for your various platforms is available and schedule their installation as soon as possible.
A vulnerability has been discovered in Apple iOS and iPadOS where VPN (virtual private networking) can be bypassed, thereby not securing all traffic within the secure VPN tunnel.
SC Media had its recent 2020 SC Awards Honored in the U.S. event and has awarded Qualys recognition for Best Vulnerability Management Solution in the “Trust Awards” category.
Qualys announced its new flagship product, Qualys VMDR, at RSA Conference 2020. According to the Qualys website, VMDR will be available after March 30, 2020.
Microsoft’s end-of-life support for Windows 7 has run into its first set of issues with its extended security updates (ESUs). Administrators who paid for the ESU found out their downloads are not applying.
Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will be available in March and will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints.
Microsoft has added its Windows 10 Tamper Protection controls to the public version of Microsoft Defender. Previously available only to enterprise users, Tamper Protection is intended to better detect threats that make it past other defences and to provide remediation suggestions.
Qualys Research Labs, a vulnerability management provider, discovered a vulnerability in the OpenSMTPD Mail server used in conjunction with the OpenBSD operating system. This flaw allows for an attacker to execute arbitrary code with command privileges.
A leaked UN report showed that servers were compromised during a cyberattack that exploited an older version of Microsoft SharePoint. This breach is a case study in the importance of both patch management and transparency.
Reported by Microsoft on January 17, the company admitted to another vulnerability in the older versions of its Windows products. A vulnerability in the remote code execution (RCE) was found in the scripting engine of Internet Explorer (IE).