Säkerhetspodcasten avs.111 – Jul 2017

Lyssna

iTunes | mp3

Innehåll

I dagens avsnitt firar panelen jul med lite bra tips inför helgerna. Vi diskuterar även gamla attacker som blivit nya igen (och fått en logotyp), konstaterar att Amazon Key var en dålig idé och hastar oss igenom en snygg sårbarhetskedja i Palo Alto-prylar.

Inspelat: 2017-12-14. Längd: 00:54:31.

Länkar

ROBOT ATTACK

https://robotattack.org/

Return of Bleichenbacher’s Oracle Threat – ROBOT is the return of a 19-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server.

Amazon Key

https://boingboing.net/2017/11/16/dont-use-amazon-key.html

Hackers can freeze the camera that lets you know whether your ”Amazon Key” equipped door is locked and who is using it.

Palo Alto Networks firewalls remote root code execution

http://seclists.org/fulldisclosure/2017/Dec/38

Three separate bugs can be used together to remotely execute commands as
root through the web management interface without authentication on: PAN-OS
6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.13 and earlier,
PAN-OS 8.0.5 and earlier.

Flattr this!

Kommentera

E-postadressen publiceras inte.