Meltdown and Spectre – Bugs in modern computers leak passwords and sensitive data.

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider’s infrastructure, it might be possible to steal data from other customers.

 

Read More Below:

Meltdown and Spectre

Every WiFi connection at risk of new “KRACK” WiFi hacking attack

The first new WiFi security vulnerability to be found in 14 years is real a doozey!  

 

The WPA2 encryption protocol which is widely used to secure WiFi traffic is at risk from multiple vulnerabilities, collectively known as “KRACK Attacks”, or Key Reinstallation AttACKs, that were publicly disclosed on October 16, 2017. Every single WiFi connection currently in use is potentially at risk of being hacked security researchers disclosed in a recently released research paper.  These vulnerabilities effect both WiFi Access Points or Routers as well as WiFi enabled devices such as Phones, Laptops, Cameras and any devices connected to and communicating over a WiFi network.

The attacks, which cannot be carried out remotely, allow a malicious individual to replace, or reinstall, one of the security keys used to encrypt the communications on a WiFi network with a key of the attacker’s choosing.  This allows an attacker to gain access to otherwise encrypted data.  This could allow them to view your passwords, credit card numbers, photos and snoop on all traffic sent over the WiFi network.  If your home or business uses a single network for Wired and Wireless communication, as most off-the-shelf routers do, this could even include communications to wired devices as well.  While the attack is not technically easy to complete for all devices, tools are likely to be made available shortly that will allow less technically savvy people to carry out the attack.

As of this time, the only way to fix this flaw would be to manually replace or patch every WiFi device in existence currently, no small feat.  Given that the publication of these vulnerabilities has been withheld, a fix is likely already in the works — or already completed — from major device vendors, but this will only affect those devices that are currently receiving software updates.  Older, abandoned devices, will likely remain vulnerable to these attacks.

Full details on the attacks with P.O.C. demonstrations and further news are available on the following website:

 

KRACK Attacks: Breaking WPA2

Spotted in the Wild: Fake Facebook messages spreading malicious content

There is a new malware campaign on the rise which has recently been spotted spreading via Facebook private messages.  While the idea behind the campaign is not new, using instant messaging to spread links to malware hosting web pages, the length to which the malware authors have gone to target their victims is not something we typically see in a fly-by-night malware campaign.

The links in the message take you to a Google Docs document page.  The document has already taken a picture from the victim’s Facebook page and created a dynamic landing page which looks like a playable movie. When the victim clicks on the fake playable movie, the malware redirects them to a set of websites which enumerate their browser, operating system and other vital information. Depending on their operating system they are directed to other websites.

It has been a while since I saw these adware campaigns using Facebook, and its pretty unique that it also uses Google Docs, with customized landing pages. As far as I can see no actual malware (Trojans, exploits) are being downloaded but the people behind this are most likely making a lot of money in ads and getting access to a lot of Facebook accounts.

Please make sure that you don’t click on these links, and please update your antivirus!

 

Read more on this threat below: