The BASH v.<4.3 can be vulnerable. Name: Shellshock.
Some info here:
NIST NVD – Vulnerability Summary for CVE-2014-6271 – https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
The Register: http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
From the Nabtobox campaign
Access anything connected.. You can access, readout the status and control your networked thermostats, stream files from your PVR or media server, view the output of your surveillance cameras, alarm-system, get files from your NAS box or file-server, stop or start your lawn irrigation system, pool control system, even if the devices didn’t have an remote connect option installed… the possibilities are endless
Nabto-box is a retrofit solution for non-remote accessible networked Gizmos. A lot of Gizmos are born with network capabilities (like Ethernet or WIFI) and some newer Gizmos can also be reached remotely with the right remote access APP or software (which btw. is what we normally do), however the vast majority of Gizmos was only designed with local network access in mind, combined with cumbersome remote access. This is not a direct reflection of the vendor, it’s because remote P2P access is hard to do.
Announced price: $65 + shipping. For tinkerers and testers the campaign brings also some other solutions starting from $29.
If it will prove that is a secure device, it may be a great addon to any Home Automation Solution.
LDAP, Radius, Single Sign-On and Smart Card authentication solutions supported.
A great Remote Access Appliance.
This morning I found A GREAT RFC, the 3251.
RFC 3251 - Electricity over IP
I think this may be the solution. Unfortunately, it was one of the best kept secrets. Let's make it public available! Is about 11 years old and only pour connaisseurs.
UltraDedup is a command line program created to ease the storage of backup files of VMWare virtual machine files by compressing and/or removing duplicate data.
A command line example that will create a Chapter (= a collection of files) in an Archive and place two files in it:
ultradedup p "f:\MyArchives\VHD_Miller.ud"
–n "Some chapter name"
This is one of the most complex malware/threat till now.
Reading the Kaspersky article http://www.securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers#page_top this malware seems to be a complex remote management and automation tool.
- appears to be able to record audio via the microphone
- sniffs the network traffic
- takes screenshots
- intercepts the keyboard
- We Need to Talk About Buttons September 29, 2020Why is it that buttons always seem to be placed someplace other than where they'd be most useful The post We Need to Talk About Buttons appeared first on EETimes.
- Capture-the-Flag Competitions Need to Include Hardware September 29, 2020Hackers are increasingly probing hardware for security vulnerabilities. The industry needs to develop expertise to counteract those attacks. The post Capture-the-Flag Competitions Need to Include Hardware appeared first on EETimes.
- US Reportedly Restricts Exports to SMIC September 28, 2020The U.S. is reported to have restricted exports to SMIC, citing the possibility the technology could support China's military. The post US Reportedly Restricts Exports to SMIC appeared first on EETimes.