- Apple os x cve 2017 7494 samba how to#
- Apple os x cve 2017 7494 samba Patch#
- Apple os x cve 2017 7494 samba download#
Hackers leaking stolen information to discredit targets for political reasons has become a widely discussed phenomenon, with the "DNC hacks" probably the best known example. For 'ordinary' use and protection against opportunistic attackers like pickpockets, biometric authentication, despite its flaws, is likely to provide ample security. These attacks should serve as a reminder that, like other authentication methods, biometric-based authentication isn't 100% secure and when one is concerned about a device being taken by a powerful adversary, one should always use a second authentication factor, such as a (strong) password. Researchers from CCC in Germany published a video in which they showed how they managed to bypass the irisscanner of the Samsung Galaxy S8 phone, a few years after the same group managed to bypass Apple's TouchID fingerprint-based authentication.
If these aren't available for the service you need to use, at least make sure that SMS on its own doesn't give someone access to the account. The fact that ordinary cybercriminals have now been seen to do this shows that SMS really shouldn't be used to protect sensitive accounts and one should look for alternatives such as authenticator apps.
The weaknesses of SMS as a second authentication factor have long been known: last year NIST warned against its use and, as if to illustrate that point, around the same time Telegram accounts in Iran were hacked through ISPs intercepting SMS messages. And like an SMB vulnerability was exploited to spread the WannaCry ransomware, this vulnerabiltiy could make it easy for an attacker to take over a vulnerable system.Īt the beginning of May, a German mobile phone provider confirmed that the SS7 protocol was exploited to intercept some of their customers' SMS messages, which were then used in combination with malware targeting the user to steal money from their (online) banking accounts. A good recent example of a serious vulnerability that was patched was CVE-2017-7494, a vulnerability in Samba, Linux's implementation of Microsoft's SMB protocol.
Apple os x cve 2017 7494 samba Patch#
Speaking of which, we just published our Third Transmission! Security alertsĪs a Linux user, it is just as important to patch vulnerabilities as it is for users of other operating systems.
Apple os x cve 2017 7494 samba how to#
On it you find how to help, learn about our missions and find our blog which includes past newsletters and transmissions.
Apple os x cve 2017 7494 samba download#
Security Tip Do you want to use the Tor Browser but are based in a country or region where web (and VPN) traffic is heavily monitored or blocked? Download Tor via email via the GetTor Robot: send an email to with your operating system ( windows, linux or os x) in the email body and you get sent a download link for the Tor browser on a popular (and thuse unlikely blocked) cloud service. This is a somewhat regular newsletter covering recent cyber security issues, tools and events relevant for activists, dissidents, journalists and civil society at large.
Welcome to the sixth newsletter from Security Without Borders.
0 kommentar(er)
