Palo Alto gateway security alert, FSB hack, scourge of data-stealing web plugins, and more Let's catch up with all the recent infosec news beyond what we've already covered. Palo Alto Networks gateway apps vulnerable to hijacking If you're using Palo Alto Network's GlobalProtect Portal or Gateway, ensure you're using the latest version of the software. The biz quietly issued a maintenance update to close a security …
"Whilst reverse engineering the BLE communications was an interesting challenge, it’s not actually necessary. As there is no pairing or bonding established over BLE when connecting a phone, anyone in range with the app can take control of the straighteners."
Good. This product doesn't deserve any security.
What I'd like to see is some Turing-like proof that ANYTHING "smart" CAN and WILL be hacked to cause physical harm, then present the proof to mainstream news as a means to convince legislators to regulate such products to save lives.
Including electrical or gas board smart meters. The challenge to attackers, whether state-sponsored or mischievous kiddies, is substantial. But the scale of damage possible is staggering. </rant>
I sure hope those guys at 0v1ru$ are not based in Russia or thereabouts. That contractor will never be heard of again, and if those hackers are not on another continent, I think they are going to have to learn to live while looking over their shoulders for the rest of their lives.
The CIA, the DoD, the FBI, they can impress you, but the FSB is going to send a team to kill you. After interrogation. Painful interrogation.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
