Cyber Updates – 08/04

Cyber Updates – 08/04

Hey all,
Here are this week’s cyber updates:

(1) Broadcom Wi-Fi chip was found to be vulnerable (CVE-2017-6956) to remote code execution. Security researcher Gal Beniamini has found a stack overflow vulnerability in the vendor’s Wi-Fi chip, allowing a malicious user to craft Wi-Fi frames to the Wi-Fi controller. This allows an attacker in close proximity to your mobile device to overwrite the phone’s RAM, hence allowing them to execute malicious code on the mobile device.
Since Broadcom is the most used Wi-Fi chip for mobile devices, numerous mobile phones were vulnerable to this hack, including Apple (CVE-2017-6975) and Nexus, both of which have issued a fix for this new vulnerability.


(2) ATMs in Russia were hacked using a fileless malware, allowing the attackers to steal $800,000 in a single night. The malware has allowed the attacker to approach the infected ATM machine and collect the cash without touching the ATM!
According to TheHackerNews, the malware is remotely installed and executed on ATMs via their remote administration module, thus giving hackers the ability to form an SSH tunnel, deploy the malware, and then sending the command to the ATM to dispense cash.
Stay tuned for more updates,
Dan Gurfinkel
Head of Offensive Security & Response Unit
Comsec by HUB Security logo
We are sorry to hear you have a problem, but we are here to help!

Our Hot Line is ready to provide
immediate assistance 24/7

Calling from Israel?

+972 747047472

Calling from anywhere else?

+31202170634

Comsec by HUB Security logo

We are sorry to hear you have a problem, but we are here to help!

Our Hot Line is ready to provide immediate assistance 24/7

Skip to content