End of 2017 Hardware Flaws [ Bluetooth & Intel ] ...
OldMidWest Swabbie
Reported in the February/March issue of Admin and their newsletter (11/21/17) :
In September, Armis Labs disclosed a new attack vector called BlueBorne that affects Bluetooth devices. Every desktop, IoT, and mobile platform, including Android, iOS, Linux, and Windows, was affected by the bug. The only exception was macOS.
Armis said, “BlueBorne allows attackers to take control of devices, access corporate data and networks, penetrate secure “air-gapped” networks, and spread malware laterally to adjacent devices. Armis reported these vulnerabilities to the responsible actors, and is working with them as patches are being identified and released.”
Armis is now reporting that two major AI-powered virtual assistants, Amazon Echo and Google Home, are also affected by BlueBorne.
----------------
Intel has acknowledged the seriousness of the Active Management Technology (AMT) vulnerability.
Earlier this year, there were multiple reports of vulnerabilities in Intel’s Management Engine (ME) that allows remote management of corporate systems. The vulnerabilities were discovered by a researcher at Embedi, a firm that specializes in securing IoT devices.
Embedi said that the Intel Active Management Technology (AMT) vulnerability was the first of its kind. “The exploitation allows an attacker to get full control over a business computers, even if they are turned off (but still plugged into an outlet),” wrote Embedi in an advisory.
“By nature, the Intel AMT exploitation bypasses authentication. In other words, an attacker may have no credentials and still be able to use the Intel AMT functionality. Access to ports 16992/16993 are the only requirement to perform a successful attack,” wrote Embedi.
Now, after months of analysis, Intel has admitted that these vulnerabilities leave millions of corporate PCs exposed to attacks.
The affected products include sixth, seventh, and eighth generation Intel Core Processor Family; the Intel Xeon Processor … and the Apollo Lake Intel Pentium and Celeron N and J series processors.
---------------- < 1/16/18 >
Intel can’t get a break from the security flaws that plague its chips.
F-Secure researchers have found a way to exploit the security flaw in AMT that allows a local attacker to backdoor almost any corporate laptop in a matter of seconds, even if the BIOS password, TPM Pin, Bitlocker and login credentials are in place. Once the system is compromised, the attacker can control it remotely.
“The attack is almost deceptively simple to enact, but it has incredible destructive potential,” said
Harry
Sintonen, F-Secure’s Senior Security Consultant. “In practice, it
can give a local attacker complete control over an
individual’s work laptop, despite even the most extensive security
measures,” Sintonen says.
Most people would dismiss such flaw as a real threat because it does require ‘physical’ access to the target device. Sintonen said it’s not that hard. One attacker distracts the target while other attacker quickly gains access to the laptop. The whole operation can be done in under a minute, said Sintonen.
=-=-=-=-=-=
Here are links to these reports and their links to resources
< Millions of Intel Processors Vernerable to Attack >
< Intel's AMT Flaw Allows Creation of a Backdoor >
Steve Alexander
BlueBorne - get to the 4.14 kernel or later. On android -Armis BlueBorne Scanner App on Google Play. Others - https://www.armis.com/blueborne/
--
You received this message because you are subscribed to the Google Groups "Akron Linux Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to akronlug+unsubscribe@googlegroups.com.
To post to this group, send email to akro...@googlegroups.com.
Visit this group at https://groups.google.com/group/akronlug.
For more options, visit https://groups.google.com/d/optout.