The BASH v.<4.3 can be vulnerable. Name: Shellshock.
Some info here:
NIST NVD – Vulnerability Summary for CVE-2014-6271 – https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
The Register: http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
From the Nabtobox campaign
Access anything connected.. You can access, readout the status and control your networked thermostats, stream files from your PVR or media server, view the output of your surveillance cameras, alarm-system, get files from your NAS box or file-server, stop or start your lawn irrigation system, pool control system, even if the devices didn’t have an remote connect option installed… the possibilities are endless
Nabto-box is a retrofit solution for non-remote accessible networked Gizmos. A lot of Gizmos are born with network capabilities (like Ethernet or WIFI) and some newer Gizmos can also be reached remotely with the right remote access APP or software (which btw. is what we normally do), however the vast majority of Gizmos was only designed with local network access in mind, combined with cumbersome remote access. This is not a direct reflection of the vendor, it’s because remote P2P access is hard to do.
Announced price: $65 + shipping. For tinkerers and testers the campaign brings also some other solutions starting from $29.
If it will prove that is a secure device, it may be a great addon to any Home Automation Solution.
LDAP, Radius, Single Sign-On and Smart Card authentication solutions supported.
A great Remote Access Appliance.
This morning I found A GREAT RFC, the 3251.
RFC 3251 - Electricity over IP
I think this may be the solution. Unfortunately, it was one of the best kept secrets. Let's make it public available! Is about 11 years old and only pour connaisseurs.
UltraDedup is a command line program created to ease the storage of backup files of VMWare virtual machine files by compressing and/or removing duplicate data.
A command line example that will create a Chapter (= a collection of files) in an Archive and place two files in it:
ultradedup p "f:\MyArchives\VHD_Miller.ud"
–n "Some chapter name"
This is one of the most complex malware/threat till now.
Reading the Kaspersky article http://www.securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers#page_top this malware seems to be a complex remote management and automation tool.
- appears to be able to record audio via the microphone
- sniffs the network traffic
- takes screenshots
- intercepts the keyboard
- Comment on Coming to Grips with Earned Value Management by Paul838 January 16, 2020EVM is essential when there's need of project monitoring. It's helpful when the project team needs to figure out whether there's need of taking corrective actions regarding the project schedule and budget performance. Great article, thanks for sharing! Paul - HUSH Project Management & Consulting Limited
- Comment on White House Proposes Hands-Off Approach to AI Regulation by MWagner_MA January 14, 2020One glaring thing is missing in this agenda - assigning responsibility/liability of the performance of the product to the manufacturer - NOT the user! If regulations ensure this, companies will need to establish a certain level of reliability in order to get insurance. This provides at least some balance to what is now the "wild […]
- Comment on CES Image Gallery: It’s a Wrap by ubm112211 January 13, 2020dumbest corporate slogan this slogan most likely comes from a AI translator. maybe not google one.