Kr00k Wi-Fi Encryption Flaw Affects More Than a Billion Devices
Cybersecurity researchers from ESET have disclosed a high-severity hardware vulnerability, Kr00k, that affects Wi-Fi chips developed by Cypress and Broadcom. The vulnerable chips are currently used by over one billion devices, including laptops, IoT devices, smartphones, tablets, and routers. The vulnerability, CVE-2019-15126, is related to KRACK (Key Reinstallation Attacks), which targets WPA2 Wi-Fi networks.
According to the paper published by ESET, the flaw “causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication.” To exploit the flaw, an attacker forces a device to disconnect from a network; the vulnerability then manifests itself after the disassociation. The ESET paper continues, “Once a station’s WLAN session gets disassociated (1), the session key (TK) stored in the Wireless Network Interface Controller’s (WNIC) Wi-Fi chip is cleared in-memory – set to zero.”
The vulnerability lies in the way the chips implement their Wi-Fi encryption protocol, not in the protocol itself. Additionally, communications protected by TLS can’t be recovered by exploiting this flaw.
Apple has released security updates for devices using Broadcom or Cypress chips.
Facial Recognition Startup Clearview Suffers Data Breach
Clearview, facial recognition software used by hundreds of law enforcement agencies throughout the United States, has become a victim of a data breach. According to a report by The Daily Beast, the exposed data includes the company’s customer list, the number of searches the customers have made, and the number of accounts for each customer.
In an email to its customers, Clearview states:
“Security is Clearview’s top priority…Unfortunately, data breaches are part of life in the 21st century. Our servers were never accessed. We patched the flaw and continue to work to strengthen our security.”
The company currently possesses a database of three billion photos scraped off the internet from websites such as Venmo, LinkedIn, Facebook, and YouTube.
Links for Private WhatsApp and Telegram Groups Available in Public Searches
Multimedia journalist Jordan Wildon has discovered private invite links for WhatsApp and Telegram groups via simple searches on the web.
Groups for illegal pornography, the far-right, anti-government movements, and more were found throughout numerous search engines, including Google. Jane Wong, another individual, unearthed around 470,000 group invite links being indexed by search engines.
Because the admin owners of these groups generate and share the links online, search engines are able to index and reveal them. WhatsApp took initial steps to remediate the issue by removing the existing listings from Google and adding a ‘noindex’ meta tag on the groups’ invitation links.
Adding the ‘noindex’ meta tag helps prevent web crawlers from indexing the page containing the various groups’ links. Telegram has yet to fix the issue.
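To check that an invite page really opts out of indexing, the audit below (an added example, not code from this article or from WhatsApp) parses a response for robots directives and flags the case where only one crawler is excluded. The sample pages, the `audit` function and the crawler names it looks for are assumptions made for illustration.

```python
from html.parser import HTMLParser

BLOCKING = {"noindex", "none"}  # "none" is shorthand for "noindex, nofollow"

class RobotsMeta(HTMLParser):
    """Collect directives from <meta name=... content=...> robots tags."""
    def __init__(self):
        super().__init__()
        self.by_crawler = {}  # "robots" (all crawlers) or a crawler name -> directives

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        a = {k: (v or "") for k, v in attrs}
        name = a.get("name", "").strip().lower()
        if name in ("robots", "googlebot", "bingbot"):
            tokens = {t.strip().lower() for t in a.get("content", "").split(",")}
            self.by_crawler.setdefault(name, set()).update(tokens)

def audit(html, headers=()):
    """Return (blocked_for_all_crawlers, crawlers_blocked_individually)."""
    parser = RobotsMeta()
    parser.feed(html)
    everyone = set(parser.by_crawler.get("robots", ()))
    for key, value in headers:
        # Only unscoped header values count for all crawlers; a scoped value
        # such as "googlebot: noindex" stays one token and is ignored here.
        if key.lower() == "x-robots-tag":
            everyone |= {t.strip().lower() for t in value.split(",")}
    only = sorted(c for c, d in parser.by_crawler.items()
                  if c != "robots" and d & BLOCKING)
    return bool(everyone & BLOCKING), only

# Constructed sample responses for a hypothetical invite-link page.
SAMPLES = {
    "no tag": ("<html><head><title>Join</title></head></html>", []),
    "googlebot only": ('<head><meta name="googlebot" content="noindex"></head>', []),
    "meta, mixed case": ('<HEAD><META NAME="Robots" CONTENT="NOINDEX, nofollow"></HEAD>', []),
    "header only": ("<html></html>", [("X-Robots-Tag", "noindex")]),
}

if __name__ == "__main__":
    for label, (html, headers) in SAMPLES.items():
        blocked, only = audit(html, headers)
        print(f"{label:18} all crawlers blocked={blocked} per-crawler={only}")
```

A page that excludes only one crawler remains indexable by every other search engine, and `noindex` only takes effect if crawlers are allowed to fetch the page and see the tag.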
Google Patches Chrome Browser Zero-Day Bug, Under Attack
Other relevant bugs include CVE-2020-6407, an “out of bounds memory access in streams” flaw, and an integer vulnerability that has not yet been assigned a CVE.
New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users
A new attack, dubbed IMPersonation Attacks in 4G NeTworks (IMP4GT), allows malicious actors to impersonate users on a network. A group of academic researchers from Ruhr University Bochum and New York University Abu Dhabi discovered the attack, stating it “exploits the mutual authentication method used by the mobile phone and the network’s base station to verify their respective identities to manipulate data packets in transit.”
By combining the lack of integrity protection with a reflection mechanism in the mobile device, attackers can inject arbitrary packets and decrypt packets. The vulnerability affects all devices that use LTE connectivity, including smartphones, tablets, and IoT devices.