Broadcom WiFi Chipset Driver Defect Takes Its Toll On OSs, IoTs, Phones and Other Devices.




Reportedly, the flaws in the Broadcom WiFi chipset drivers are causing a lot of trouble for phones and operating systems that are exposed to them.

This means attackers could execute arbitrary code and cause a Denial of Service (DoS).

As reported by an intern of a reputed lab, the Broadcom drivers and the open source “brcmfmac” driver possess several vulnerabilities.

As it turns out, the Broadcom drivers are susceptible to “two heap buffer overflows,” whereas the ‘brcmfmac’ driver is susceptible to a frame validation bypass as well as a heap buffer overflow.

Per the Common Weakness Enumeration database, heap buffer overflows could cause the software to run in an infinite loop, crash the system, or execute arbitrary code.

Such outcomes are evidently beyond what security policies and security services permit.

The aforementioned Broadcom WiFi chips are used by almost everyone, often without their knowing it. From laptops through IoT devices to smart TVs, all these devices have these chip drivers.

As these chips are enormously prevalent, they present an even more enormous target range. Any simple vulnerability or flaw found in them could be a matter of serious risk.

The Broadcom WiFi chipset drivers could be easily exploited by unauthenticated attackers by way of sending malicious “WiFi packets”.

These packets would later on help in initiating the arbitrary code execution. All the attacks would simply lead to Denial of Service.

Of the risks that vulnerable devices face, Denial of Service attacks and arbitrary code execution top the list. These flaws were also found in the Linux kernel and in the firmware of Broadcom chips.

According to the source note, the four brcmfmac and Broadcom wl driver vulnerabilities are of this sort: CVE-2019-8564, CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, CVE-2019-9503.

· CVE-2019-9503: When the driver receives a firmware event frame from a remote source, the frame is discarded and isn’t processed. When the same frame comes from the host, the appropriate handler is called. This validation could be bypassed if the bus used is USB.

· CVE-2019-9500: A malicious event frame could be constructed to trigger a heap buffer overflow.

· CVE-2019-9501: When the vendor information data length is larger than 32 bytes, a heap buffer overflow is triggered in “wlc_wpa_sup_eapol”.

· CVE-2019-9502: When the vendor information data length is larger than 164 bytes, a heap buffer overflow is triggered in “wlc_wpa_plumb_gtk”.

If the wl driver is used with SoftMAC chipsets, the vulnerabilities are triggered in the host’s kernel, whereas when it is used with a FullMAC chipset, they are triggered in the chipset’s firmware.

There are approximately over 160 vendors whose devices are left vulnerable by the Broadcom WiFi chipsets inside them.

The two vulnerabilities found in the open source brcmfmac Linux kernel driver were patched.
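An added example (not code from the Broadcom wl or brcmfmac drivers, and not from the original report): the kind of length check whose absence the CVE-2019-9501 and CVE-2019-9502 descriptions imply. The element layout (one-byte ID, one-byte length), the function names and the sample frames are assumptions constructed for illustration; only the 32- and 164-byte limits come from the list above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IE_VENDOR   0xDD   /* 802.11 vendor-specific element ID */
#define SUP_BUF_LEN 32     /* limit cited for CVE-2019-9501 */
#define GTK_BUF_LEN 164    /* limit cited for CVE-2019-9502 */
enum { IE_NOT_FOUND = -1, IE_TRUNCATED = -2, IE_TOO_LONG = -3 };

/* Hypothetical helper: copy the first vendor element's data into dst.
 * Returns bytes copied, or a negative code if the frame is rejected. */
int copy_vendor_ie(const uint8_t *buf, size_t buf_len, uint8_t *dst, size_t dst_cap)
{
    size_t off = 0;
    while (buf_len - off >= 2) {             /* room for ID + length */
        uint8_t id = buf[off];
        size_t len = buf[off + 1];
        if (len > buf_len - off - 2)         /* runs past received data */
            return IE_TRUNCATED;
        if (id == IE_VENDOR) {
            if (len > dst_cap)               /* the check an overflow lacks */
                return IE_TOO_LONG;
            memcpy(dst, buf + off + 2, len);
            return (int)len;
        }
        off += 2 + len;                      /* skip unrelated element */
    }
    return IE_NOT_FOUND;
}

/* Constructed sample input: one 2-byte element, then a vendor element. */
size_t build_frame(uint8_t *out, uint8_t vendor_len)
{
    const uint8_t head[] = { 0x00, 0x02, 'a', 'b', IE_VENDOR, vendor_len };
    memcpy(out, head, sizeof head);
    memset(out + sizeof head, 0x41, vendor_len);
    return sizeof head + vendor_len;
}

int main(void)
{
    uint8_t frame[6 + 255], sup[SUP_BUF_LEN], gtk[GTK_BUF_LEN];
    size_t n = build_frame(frame, 33);
    printf("33 bytes into 32: %d\n", copy_vendor_ie(frame, n, sup, sizeof sup));
    printf("33 bytes into 164: %d\n", copy_vendor_ie(frame, n, gtk, sizeof gtk));
    printf("truncated frame: %d\n", copy_vendor_ie(frame, n - 1, sup, sizeof sup));
    return 0;
}
```

The length byte is attacker-controlled, so it is checked twice: once against the bytes actually received and once against the fixed destination size.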

CVE-2019-8564 vulnerability had been patched by Apple as a part of their security update, a day before the developer revealed the vulnerabilities.


Don't Dare Cancel Movie Tickets Online; You Could Be Subject To Fraud, "Vishing" To Blame!




A woman was scammed and defrauded of Rs. 40,000 after she decided to cancel her movie tickets online. This is exactly what happened.


Reportedly a resident of Jankipuram, Lucknow, the aforementioned lady cancelled her movie tickets that she had booked via a popular website.

Things went sideways when she called a "customer care executive" to claim a refund.

This is a classic example of "Vishing", the phone-call version of phishing, which wrests money from the victim during the call.

Despite having cancelled her tickets within the stipulated period, the amount wasn't credited to her account.

She called the "customer care executive" and after he irritably answered she had to file a TOI report.

Furthermore she got a call from someone pretending to be from the ticket booking website she'd used.

The person lured her into giving away the details of her credit cards, putting up an act of helping her.

Pretty soon after the call was hung up, the woman noticed Rs. 40,000 missing from her account.


As is customary in a "Vishing" fraud, the victim receives a call where the caller pretends to be a representative of a company.

To keep up the pretense, the caller would ask for the victim's details like name, date of birth and mobile number. Furthermore, the call's made from a landline.

The next step is pretty cliche. The victim will be asked to reveal details like their online banking customer ID or credit/debit card details.

Then come the bank account details followed by asking for the OTP on the victim's phone.

The main motive behind "Vishing" is hijacking the victim's online bank account and trying to harvest the money on it.

Cyber Tip:  No Legit Bank/Company Representative Would Ever Ask For Your Personal Details. Ever!

Canadian Internet Registration Authority’s Car Parking System Struck By Ransomware!








Reportedly, CIRA’s car parking system was infected with ransomware and was hacked into to let people park for free.

The Canadian Internet Registration Authority is a gigantic internet domain registry, with 2.8 million .ca domains under its wing.

The yet anonymous cyber-cons compromised CIRA’s car parking system, aiding people to park without getting their parking passes scanned.

Allegedly, some other company manages the car parking under CIRA.

The cause, which was initially thought to be a power failure or mechanical system crash, turned out to be a ransomware attack.



The database which was used by the car parking system for management was specifically compromised.

That very database also holds tens and tens of employee credit cards which if in wrong hands could wreak serious havoc.

After further analysis it was discovered that the ransomware in question could possibly be “Dharma”.

This ransomware goes about infecting computers by way of RDP connections, restricting itself to systems that run RDP (Remote Desktop Protocol) online.

These cyber-cons target the RDP protocol, which runs on port 3389. After performing a brute force attack they tried to harvest administrative credentials.

Later on, an attempt at performing malicious activities on the system was made.

The silver lining happens to be that the stored card details would reclaim all the damage done by the free parking.

According to CIRA’s security survey, 37% of businesses don’t employ anti-malware protections.

CIRA also cited that they have no way whatsoever of knowing what sort of security measures are employed by the car parking in question.


Crypto-jacking: A New Vector of the Cyber-Cons after Ransomware!




Apparently, according to the records of 2018, cyber-cons, having grown bored with ransomware attacks, have made crypto-jacking their new tool for harvesting crypto-currency.



Crypto-jacking by nature is more insidious and stealthy and hence in the past year has emerged as a better way of harvesting crypto-currency.

Initially, the best choice for doing the same was ransomware, but having surpassed it, Crypto-jacking is now cyber-cons’ favorite option.

2018, unlike any other year in cyber-crime history, saw a lot of cyber-attacks, with crypto-jacking attacks among the most numerous.

IBM's report noted that crypto-currency attacks rose by quite a large number.

Ransomware attacks, meanwhile, plummeted by 45% across both mobile and desktop platforms.

The major reason behind this shift towards crypto-jacking is its less disruptive and more furtive nature.

Once ransomware is introduced to the victim, the attack weapon goes to waste after just one attack, leaving no chance of a recurrence.

Meanwhile, in the case of crypto-jacking, a recurrence is almost ensured, making it possible for more profits from a single weapon.

Somehow, crypto-jacking appears to be the more malicious of the two, which if ignored could lead to serious ramifications.

Reportedly, crypto-jacking could soon transform from currency mining to fabricating its own botnets to carry out spyware attacks.

This leaves users with only one piece of advice and one option: use the latest versions of anti-virus software and keep systems updated.


Android Spyware "Triout" Back With Spying Abilities And New Malicious Schemes






An Android malware in the guise of an online privacy app is all set to cause a lot of harm, as it has resurfaced as a more malicious version of itself and has acquired spying abilities.

The application tries to trick users into downloading it and then sets to work.

Triout poses as an application created to help users dodge censorship on the internet.

The campaign had been active since May last year, under the guise of an adult application.

August, 2018 is when the spyware was discovered, because of the massive amounts of information it was harvesting, including photos, text conversations, and phone conversations.

Collecting GPS information about the victims and making the user’s location vulnerable are two of its other ill effects.

With changed tactics and more malicious effects, the malware is being distributed under the cloak of a stolen but legitimate privacy tool from the Google Play Store.

Psiphon is the privacy tool behind whose fake version Triout is hiding. This application is widely used and has been downloaded like a million times.

Third-party sites also provide this app on their platforms, in case hackers don’t seem to have access to the Google Play Store.

The fake version of Psiphon works in exactly the same way as the real version of it. The looks and the interface have all been cleverly matched.



A particular set of victims is being targeted via Triout so that it doesn’t raise much suspicion.

When the malware was discovered it was found to be targeting users from Germany and South Korea.

Spear-phishing is another concept that is reportedly being employed by the cyber-cons to ensure that the users download their malicious app.

The way victims are lured in and the command and control of Triout have been cunningly altered to raise the success rate.


Reportedly, the updated versions of Triout are being uploaded from various distinct locations of the world, a few being Russia, France and US.

The origin of the campaign and the cyber-cons behind it are still behind the curtain and this is what makes Triout more malicious.

According to the leading security researchers, this application possesses super spying powers and is deliberately fabricated to perform activities like espionage.

The researchers implore users to download applications only from official sites, to steer clear of any suspicious-looking applications and to refrain from downloading them.


Thousands Of Users Thrashed By Extremely Real-looking-Fake-Scans Scam



Thousands of users have encountered a severe threat from scammers who are making cunning use of JavaScript and HTML code by way of “Potentially Unwanted Applications”.

A major security researching organization uncovered a recent development in the scamming area where PUAs and POAs are being employed.

These scams could be categorized as tech-support scams which primarily work on scaring the victim into doing something unforeseen by the victim themselves.

After fake-calls, potentially unwanted applications have become quite common, but the latest twist is the shrewd usage of JavaScript and HTML code.

This code works specifically to make the fake scans seem convincingly real, making it faster and easier for the scammers to fool their prey.

The well-known Norton Security applications are basically being stolen from the aforementioned organization.

These scams are in no way comparable to the basic and obvious anti-virus scams that are run on a common basis.

The scammers make the scan look so legit that it never occurs to the victim to question it at all.

An alert does pop up. Users take it to be one from an anti-malware app, when it is actually coming from a web browser.

The way the scammers go around is that they offer an infection to be paired up by way of a 10-second scan. This obviously lures the users in swiftly.

A web-based dashboard is being implemented by the scammers to manage and monitor all the scams that are happening.

Thousands of dollars have been wrested from the victims, and that too by using overtly basic, fake-looking contrivances.

Last three months of 2018 had been really busy for Symantec, the aforementioned organization, as they’ve blocked PUA installations around 89 million times.

There are several points that have to be kept in mind, for instance, no pop up is capable of analyzing the hard drive and the real files on it.

No anti-malware application would ask the user to download a separate application for the update process.

The best way to get saved from this kind of threat is looking out for an alert that mentions the remaining days left in the so called “subscription”.

OTP Theft on the Rise in Bengaluru; Many IT Employees Fall Victim


Numerous IT employees have fallen victim to a new type of OTP theft currently on the rise in Bengaluru. No culprit has been caught so far, even as lakhs of rupees have been stolen using this technique.

This theft differs from the rest: here, a caller posing as a bank employee asks the victim to provide their card number and CVV in order to update or review their debit or credit card.

The 'unsuspecting victim' does not realize that anyone would at present need an OTP to complete a transaction. The scamster then says the victim will get an SMS, which would need to be sent back to the sender.

Such SMSes contain no intelligible content; they are in encoded form. They act like links: when the victim taps on them, the incoming SMS is sent to the scamster's phone, which then completes the cash transfer using the OTP from the victim's account.

“The thefts were initially of relatively small amounts of ₹5,000-10,000. However, of late, larger amounts ranging from ₹50,000 to up to a few lakhs have been stolen. We have not been able to apprehend anyone yet. The victims also include several IT employees,” says one of the cybercrime personnel, further adding that such cases came to light about 2-3 months ago.


“India as a country has not taken privacy seriously. Most of the time, most hackers are able to find out the bank you are banking with,” says Harsha Halvi, co-founder of TBG Labs. “OTP theft is more a privacy matter than a technological one. Perpetrators often gain the victim’s trust by dropping a name for reference, which would make the victim trust them. After that, finding information about the victim’s bank is also quite easy,” he added later.

Halvi adds that it is not possible to build a product or software as a safeguard against this, as there are many apps that request access to SMSes. The solution will only begin to emerge if users become increasingly mindful and don't grant apps access to SMSes; at that point the developers will be compelled to change their strategy.

Users are therefore advised, when receiving such calls, to check with the customer care numbers of their banks in order to avoid being entrapped in such a scam.