Saturday, April 8, 2017

Cyber Updates - 08/04

Hey all,
Here are this week's cyber updates:

(1) Broadcom Wi-Fi chip was found to be vulnerable (CVE-2017-6956) to remote code execution. Security researcher Gal Beniamini has found a stack overflow vulnerability in the vendor's Wi-Fi chip, allowing a malicious user to craft Wi-Fi frames to the Wi-Fi controller. This allows an attacker in close proximity to your mobile device to overwrite the phone’s RAM, hence allowing them to execute malicious code on the mobile device.
Since Broadcom is the most used Wi-Fi chip for mobile devices, numerous mobile phones were vulnerable to this hack, including Apple (CVE-2017-6975) and Nexus, both of which have issued a fix for this new vulnerability.

(2) ATMs in Russia were hacked using a fileless malware, allowing the attackers to steal $800,000 in a single night. The malware has allowed the attacker to approach the infected ATM machine and collect the cash without touching the ATM!
According to TheHackerNews, the malware is remotely installed and executed on ATMs via their remote administration module, thus giving hackers the ability to form an SSH tunnel, deploy the malware, and then sending the command to the ATM to dispense cash.

Stay tuned for more updates,
Dan Gurfinkel
Head of Offensive Security & Response Unit