Security Alerts & News
by Tymoteusz A. Góral

History
#1175 Software flaw puts mobile phones and networks at risk of complete takeover
A newly disclosed vulnerability could allow attackers to seize control of mobile phones and key parts of the world's telecommunications infrastructure and make it possible to eavesdrop or disrupt entire networks, security experts warned Tuesday.

The bug resides in a code library used in a wide range of telecommunication products, including radios in cell towers, routers, and switches, as well as the baseband chips in individual phones. Although exploiting the heap overflow vulnerability would require great skill and resources, attackers who managed to succeed would have the ability to execute malicious code on virtually all of those devices. The code library was developed by Pennsylvania-based Objective Systems and is used to implement a telephony standard known as ASN.1, short for Abstract Syntax Notation One.
Read more
#1183 Internet of Things security is dreadful: Here's what to do to protect yourself
#1182 ARM, Symantec build security standard for Internet of Things
#1181 Oracle patches record 276 vulnerabilities with July critical patch update
#1180 SoakSoak botnet pushing neutrino exploit kit and CryptXXX ransomware
#1179 Firefox to block non-essential Flash content In August 2016, require click-to-activate In 2017
#1178 Attackers launch multi-vector DDoS attacks that use DNSSEC amplification
#1177 Wave of business websites hijacked to deliver crypto-ransomware
#1176 Library of Congress hit with a denial-of-service attack
#1175 Software flaw puts mobile phones and networks at risk of complete takeover
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12