The BASH v.<4.3 can be vulnerable. Name: Shellshock.
Some info here:
NIST NVD – Vulnerability Summary for CVE-2014-6271 – https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
The Register: http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
From the Nabtobox campaign
Access anything connected.. You can access, readout the status and control your networked thermostats, stream files from your PVR or media server, view the output of your surveillance cameras, alarm-system, get files from your NAS box or file-server, stop or start your lawn irrigation system, pool control system, even if the devices didn’t have an remote connect option installed… the possibilities are endless
Nabto-box is a retrofit solution for non-remote accessible networked Gizmos. A lot of Gizmos are born with network capabilities (like Ethernet or WIFI) and some newer Gizmos can also be reached remotely with the right remote access APP or software (which btw. is what we normally do), however the vast majority of Gizmos was only designed with local network access in mind, combined with cumbersome remote access. This is not a direct reflection of the vendor, it’s because remote P2P access is hard to do.
Announced price: $65 + shipping. For tinkerers and testers the campaign brings also some other solutions starting from $29.
If it will prove that is a secure device, it may be a great addon to any Home Automation Solution.
LDAP, Radius, Single Sign-On and Smart Card authentication solutions supported.
A great Remote Access Appliance.
This morning I found A GREAT RFC, the 3251.
RFC 3251 - Electricity over IP
I think this may be the solution. Unfortunately, it was one of the best kept secrets. Let's make it public available! Is about 11 years old and only pour connaisseurs.
UltraDedup is a command line program created to ease the storage of backup files of VMWare virtual machine files by compressing and/or removing duplicate data.
A command line example that will create a Chapter (= a collection of files) in an Archive and place two files in it:
ultradedup p "f:\MyArchives\VHD_Miller.ud"
–n "Some chapter name"
This is one of the most complex malware/threat till now.
Reading the Kaspersky article http://www.securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers#page_top this malware seems to be a complex remote management and automation tool.
- appears to be able to record audio via the microphone
- sniffs the network traffic
- takes screenshots
- intercepts the keyboard
- Robocar Bill Stays Stalled, but DMS Climbs Hill July 4, 2020Auto Safety bill, 'Moving Forward Act," Climbs the Hill as it passed the House of Representatives this week, while AV tech industry-supported 'AV START Act' remains stalled. The post Robocar Bill Stays Stalled, but DMS Climbs Hill appeared first on EETimes.
- A Good Start: National Mask Day July 3, 2020I would like to propose Pandemic Act of 2020. It includes a National Mask Day, which requires everyone to wear a mask are required when he is outside home, with others. The post A Good Start: National Mask Day appeared first on EETimes.
- Making TinyML Easy: Who is Edge Impulse? July 3, 2020Quietly, but not secretly, building an end-to-end embedded developer platform for machine learning on microcontrollers The post Making TinyML Easy: Who is Edge Impulse? appeared first on EETimes.