Security News
A research team from WizCase, led by researcher Ata Hakçıl, reviewed 3,100 configurations of Eduroam at universities throughout Europe, finding that more than half of them have issues that can be exploited by threat actors. It assigns students, researchers and faculty members log-in credentials that allow them to obtain internet connectivity across different institutions by using credentials from their own university.
New vulnerabilities have been discovered in Fortress S03 Wi-Fi Home Security System that could be potentially abused by a malicious party to gain unauthorized access with an aim to alter system behavior, including disarming the devices without the victim's knowledge. The Fortress S03 Wi-Fi Home Security System is a do-it-yourself alarm system that enables users to secure their homes and small businesses from burglars, fires, gas leaks, and water leaks by leveraging Wi-Fi and RFID technology for keyless entry.
Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software development kits accompanying its WiFi modules, which are used in almost 200 IoT devices made by at least 65 vendors. CVE-2021-35394 - Multiple buffer overflow vulnerabilities and an arbitrary command injection vulnerability in 'UDPServer' MP tool.
1200 with the awaited new Windows Hello security feature, WPA3 HPE support, and GPU computing in the Windows Subsystem for Linux. In July, Microsoft officially released the Windows 10 21H2 feature update to Insiders for testing but stated that its new features would be coming later.
Gryphon Online Safety announced the launch of their newest product, the Gryphon AX. The Gryphon AX features the same comprehensive parental controls, next-generation firewall, and powerful mesh Wi-Fi as previous products, with the additional features of next-generation Wi-Fi 6 technology. The incorporation of Wi-Fi 6 has resulted in Gryphon's fastest router yet, with a 40% increase in Wi-Fi speed.
Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software development kits accompanying its WiFi modules, which are used in almost 200 IoT devices made by at least 65 vendors. CVE-2021-35394 - Multiple buffer overflow vulnerabilities and an arbitrary command injection vulnerability in 'UDPServer' MP tool.
Taiwanese chip designer Realtek has warned of four vulnerabilities in three SDKs accompanying its Wi-Fi modules, which are used in almost 200 products made by more than five dozen vendors. Security firm IoT Inspector, based in Bad Homburg, Germany, disclosed the vulnerabilities to Realtek in May, and said more than 65 hardware makers' products incorporate the Realtek RTL819xD module, which implements wireless access point functions and includes one of the vulnerable SDKs. "By exploiting these vulnerabilities, remote unauthenticated attackers can fully compromise the target device and execute arbitrary code with the highest level of privilege," the biz said in its advisory, estimating - conservatively, we think - that almost a million vulnerable devices may be in use, including VoIP and wireless routers, repeaters, IP cameras, and smart lighting controls.
Edgecore Networks announced the launch of a series of Wi-Fi 6 access points that provide the ultimate Wi-Fi performance and enterprise-grade security for SME, enterprise, carrier, or any high-density scenarios. Featuring Wi-Fi 6 advanced technology, EAP101 and EAP102 provide amazing Wi-Fi speed on both 5GHz and 2.4GHz bands for better streaming, video conferencing, and collaboration, all with lower latency, higher capacity, and reliable connectivity.
Extreme Networks announced a new Wi-Fi 6E access point: the Extreme AP4000 universal wireless platform, capable of operating in the 6 GHz frequency spectrum. Extreme's lead customers, including large healthcare providers, are rolling out Wi-Fi 6E technology in environments that demand high performance and reliable wireless connectivity to support a dense device population.
Apple has rolled out security updates to address dozens of iOS and macOS vulnerabilities, including a severe iOS bug dubbed WiFiDemon that could lead to denial of service or arbitrary code execution. The vulnerability, tracked as CVE-2021-30800 and a zero-day bug when security researcher Carl Schou publicly disclosed it, was fixed by Apple with the release of iOS 14.7 earlier this week.