Connect with us

Cars

Cisco: These Wi-Fi access points are easily owned by remote hackers, so patch now

Published

on

Cisco: DNS attacks will undermine trust in the internet
Sophisticated hacking group taps wide set of vulnerabilities as part of their global hacking spree.

Hackers from afar can mess around with Cisco’s Aironet industrial and business Wi-Fi access points because the devices have flawed URL access controls, Cisco has warned customers. 

The critical Aironet flaw has been assigned the identified CVE-2019-15260 and has a CVSS v3 score of 9.8 out of 10. 

The bug affects several Aironet product lines, including access points for industrial customers. It can be exploited by a remote attacker without the correct credentials, who could then tamper with device settings with elevated privileges or view sensitive corporate information. 

Cisco hasn’t divulged much information about the flaw, but the company admits that affected Aironet Wi-Fi boxes don’t currently implement sufficiently strong access controls for “certain URLs”. The attacker could exploit the bug by requesting “specific URLs” from the affected access point.

If an attacker successfully exploits the flaw, they could change the device’s network configuration, as well as potentially knock out the device and cause a denial of service on computer equipment connected to it. 

“An exploit could allow the attacker to gain access to the device with elevated privileges. While the attacker would not be granted access to all possible configuration options, it could allow the attacker to view sensitive information and replace some options with values of their choosing, including wireless network configuration,” said Cisco. 

Affected product lines include the Aironet 1540 series, 1560 series, 1800 series, 2800 series, 3800 series, and 4800 access points. 

Cisco notes that there are no workarounds for this issue, so the only option to secure the devices is to install a fixed release. 

Cisco also cautions customers that when attempting to install fixed software, they should treat the critical flaw as part of a collection of fixes.

This collection includes two more high-severity denial-of-service flaws affecting Aironet software – CVE-2019-15264 and CVE-2019-15261 – and one high-severity denial-of-service vulnerability, CVE-2019-15262, in the Secure Shell session management for the Cisco Wireless LAN Controller software. 

At present Cisco isn’t aware of any attempts to exploit the bugs and they were all discovered while Cisco was handling a customer-support query.

More on Cisco and networking security

  • Cisco warning: These routers running IOS have 9.9/10-severity security flaw
  • Patch now: Cisco IOS XE routers exposed to rare 10/10-severity security flaw  
  • Seriously? Cisco put Huawei X.509 certificates and keys into its own switches
  • New Cisco critical bugs: 9.8/10-severity Nexus security flaws need urgent update
  • Cisco critical-flaw warning: These two bugs in our data-center gear need patching now
  • Cisco alert: Patch this dangerous bug open to remote attacks via malicious ads
  • Thrangrycat flaw lets attackers plant persistent backdoors on Cisco gear
  • Cisco’s warning: Patch now, critical SSH flaw affects Nexus 9000 fabric switches
  • Cisco warns over critical router flaw
  • Cisco: These are the flaws DNS hijackers are using in their attacks
  • Cisco bungled RV320/RV325 patches, routers still exposed to hacks
  • Cisco tells Nexus switch owners to disable POAP feature for security reasons
  • Cisco: Patch routers now against massive 9.8/10-severity security hole
  • How to improve cybersecurity for your business: 6 tips TechRepublic
  • New cybersecurity tool lets companies Google their systems for hackers CNET


  • Source link

    Continue Reading
    Click to comment

    Leave a Reply

    Your email address will not be published.

    Cars

    Here’s How Long A Tesla Model Y Battery Will Actually Last

    Published

    on

    Many of us have found ourselves at the side of the road waiting for someone to arrive with a gas can to fill our empty tank. Pushing your gasoline-powered engine too far when the gauge is reading “E” will do that. And like pushing your luck with these types of vehicles, you’ll find yourself in a similar situation with an all-electric model if you aren’t planning your journey with care, requiring roadside assistance or an emergency charging solution.

    The Tesla Model Y is equipped with a long-range battery that will last you a full day on the road in the vast majority of situations. If you are driving the Performance Model Y, this vehicle will carry you an average of 303 miles on a full charge, according to Tesla. Should you be considering the Long-Range Model Y, you can expect the battery to last longer, getting 330 miles on the same charge. 

    By charging the EV overnight when you are finished, you’ll have a fully charged battery to begin your day, assuming you have a home charger. And if you are running low on juice, you’ll find over 35,000 Tesla Supercharging Stations around the world, around 1,400 of which are in the United States, according to the latest data from Scrape Hero. Plug your Model Y into one of these spots and Tesla says on its website that you can expect to get around 200 miles of range after 15 minutes of charging.

    Continue Reading

    Cars

    The Most Luxurious Features Of Leonardo DiCaprio’s $1.5 Million Motorhome

    Published

    on

    The features inside DiCaprio’s trailer are over-the-top, to say the least. It is 53-feet-long with four slide-out sections that can extend from 400 to 700 square feet at the touch of a button (via The Sun). According to Rovsek, it is the largest and most luxurious motorhome in the entire fleet.

    It comes equipped with two fireplaces (in case one was not enough), and state-of-the-art technology including seven TV screens throughout the entire trailer. The motor home features mirror-covered ceilings and heated marble floors in the bathrooms, living room, and kitchen. It also features a wine bar and heated marble floors, according to Bloomberg Quicktake.

    Surprisingly, the crown jewel in this upscale trailer is not the lounge area or the master bedroom. Instead, it is a custom-designed £40,000 walk-in shower. The shower was reportedly made with recycled glass and took craftsmen two weeks to install (via The Sun). 

    Continue Reading

    Cars

    Here’s The Easiest Way To Scan Your Android Phone For Viruses

    Published

    on

    There’s a common misconception about smartphones, and it’s a dangerous one: many people believe they don’t need to worry about viruses, spyware, and malware when they’re using a phone. If only that were true! Unfortunately, there are tons of smartphone viruses out there, and it’s more important than ever to try to protect yourself. After all, it’s not uncommon for our phones to hold access to some of our most private data, including passwords, messages, and even bank accounts. If you want to stay safe, it’s a good idea to scan your phone with an antivirus app.

    You might often hear about various computer hacks and exploits, but when it comes to smartphones, things are usually pretty quiet — but that’s not due to a lack of malicious software. According to AVTest, the number of Android malware is steadily growing. In 2021, the company registered 3.28 million instances of Android-specific malware, and there might very well be many more in reality. Even if you’re normally careful, it’s important to go the extra mile if you want to secure your phone alongside some of your most important data.

    Remember that even phones that come with various protective measures from the get-go, such as the Samsung Galaxy handsets, can become compromised. If you already have an antivirus app on your phone, make sure to use it regularly. However, if you don’t or you do but you’re looking to switch to something else, read on to see some of the options available.

    Popular antivirus apps for Android

    Much like there are plenty of viruses that affect Android phones, there are also lots of antivirus apps that might seem great at first glance. However, upon closer inspection, some of them are riddled with ads and don’t actually do much to help you stay protected. When you search for the right app to suit your needs, some of them will be free and some will require an upfront payment or a monthly subscription. Here are some of the most popular options (based on download numbers and ratings) for you to explore.

    • BitDefender for Android: You can use the free version of this app that will passively protect your phone as well as allow scanning for viruses, but you can also pay to use the full-fledged version that expands the security and adds VPN access.
    • Avast One Essential: Avast is a well-known antivirus company in the PC space, but it also has a popular Android app. You can use the app for free to receive virus protection and a small amount of VPN bandwidth, but there’s a premium option too — and, unfortunately, the app will constantly remind you of that fact.
    • Norton 360: This is yet another PC giant that made its way to Android. Norton doesn’t offer a free version of its app, but if you’re willing to pay for it, you will get a number of features, including an ad blocker and a Wi-Fi analysis tool. The app costs $14.99 per year for the first year and then goes up to $30 per year.
    • Kaspersky for Android: This is a solid antivirus option even if you use the free version, but unfortunately, you only get real-time protection if you pay $15 per year for the premium version.

    Pick the app that best suits your needs, download it from the Google Play Store, and install it onto your Android smartphone or tablet.

    How to use antivirus software on Android

    Each of the apps mentioned above should provide you with enough protection to not have to worry about Android viruses too much. Whether you chose a paid or a free version, you will have access to a tool that will scan your phone for malicious software. You should do this periodically. Doing so every couple of weeks is a safe approach, especially if you use your phone often. Make it a habit to always run a scan if you accidentally find yourself clicking a link that doesn’t seem all too trustworthy, too. We’ll now give you a quick rundown of what to do with your new antivirus app.

    1. Pick your app and install it through the Google Play Store. 
    2. You will most likely have to register an account to use the app.
    3. If you are picking a paid option, pay for your chosen service.
    4. Each of the apps will offer to scan your phone as the first step after set-up. This will check all of the apps on your phone and your storage for viruses.
    5. Once the scan is concluded, you can review the results. If any viruses were found, you’ll be told where they were. Remove all of them through the app.
    6. Go into the app settings and look for options to set up regular scanning. Depending on the app, you may also be offered real-time protection, which will run in the background as you use your phone.

    Make sure to repeat these scans every so often. After you’ve had the chance to familiarize yourself with the free version of the antivirus product, you might want to consider upgrading. In the case of BitDefender and Avast, it’s most likely going to be worth it — especially if you want to regularly use a VPN and don’t already subscribe to one.

    Continue Reading

    Trending