Search results for: broadcom

AirTies unveils portfolio of Wi-Fi 6 devices powered by AirTies Smart Wi-Fi software

AirTies, the most widely deployed supplier of managed Wi-Fi solutions to service providers globally, unveiled its portfolio of Wi-Fi 6 (802.11ax) devices powered by AirTies Smart Wi-Fi software. The company also disclosed that it has signed deals with multiple Tier 1 service providers expected to bring them to market in the coming months. Specifically, AirTies introduced a new, dual-band Wi-Fi 6 Extender, a tri-band Wi-Fi 6 Extender, and a Wi-Fi 6 router. In addition to … More

Crypto Quantique raises $8M to address the growing challenges of end-to-end IoT security

Crypto Quantique, a privately held company with a mission to revolutionize the IoT with quantum driven cybersecurity, announced that it has raised an $8 million seed round led by ADV along with participation from Entrepreneur First, amongst others. Crypto Quantique’s disruptive cybersecurity technology, uses the most advanced techniques in cryptography and quantum physics to address the growing challenges of end-to-end IoT security. Its unique feature is that a single chip can generate multiple, unique, unforgeable … More

Bluetooth

Critical Bluetooth flaw opens millions of devices to eavesdropping attacks

A newly disclosed vulnerability (CVE-2019-9506) in the Bluetooth Core Specification can be exploited by attackers to intercept and manipulate Bluetooth communications/traffic between two vulnerable devices. Researchers Daniele Antonioli, Nils Ole Tippenhauer and Kasper Rasmussen discovered the flaw and demonstrated a practical Key Negotiation Of Bluetooth (KNOB) attack taking advantage of it. They also shared their discovery with the Bluetooth Special Interest Group (Bluetooth SIG), the CERT Coordination Center, and members of the International Consortium for … More

abstract, generic

Week in review: SWAPGS attack, DNS security, vulnerable Siemens PLCs, Black Hat USA 2019

Here’s an overview of some of last week’s most interesting news, interviews and articles: Embracing the cloud and meeting its security demands You might expect that the largest companies are the most organized and mature when it comes to security but, he says, that’s not always the case – there is a wide range of security approaches and differences arise due to variations in internal organization, to mergers and acquisitions creating islands of technology, and … More

traffic

Quality Assurance and Testing is a bottleneck to implementing DevOps for many organizations

The practice of Continuous Testing – the process of fast and efficient validation of software releases in agile developments through highly automated tests – is gaining ground in large enterprises, with almost a third of IT executives (32%) stating that their IT departments had ‘fully embraced Continuous Testing’. However, with 58% of enterprises deploying a new build daily (and 26% at least hourly), companies must work to improve their continuous testing effectiveness by streamlining their … More

Digital Guardian appointing Mordecai Rosen as CEO

Digital Guardian announced that its Board of Directors has appointed Mordecai (“Mo”) Rosen as its new Chief Executive Officer, effective immediately. Mr. Rosen was most recently the General Manager for Cybersecurity at CA Technologies (now a Broadcom company), and brings more than 25 years of high-tech senior leadership experience to Digital Guardian. With Rosen at the helm, Digital Guardian expects to aggressively grow its core data loss prevention business and extend its push into the … More

code

Helping researchers with IoT firmware vulnerability discovery

John Toterhi, a security researcher with IoT security company Finite State, believes that many of the security problems plaguing IoT devices are solvable problems through transparency. “Manufacturers who make their firmware public and follow GPL practices are doing themselves a huge favor: by making firmware public, manufacturers are enabling a world-wide network of the best security talent to find bugs, disclose them responsibly, and improve security for their customers. Without this transparency they exclude so … More

SFP-DD MSA releases high-speed, high-density interface specification 2.0

The Small Form Factor Pluggable Double Density (SFP-DD) Multi Source Agreement (MSA) Group announces the release of the v2.0 specification for the SFP-DD pluggable interface. The MSA consortium released the initial SFP-DD specification version 1.0 in September 2017 and earlier this year released version 1.1. The newly updated specification version 2.0 reflects enhancements to the mechanicals, extended modules and enhanced polarizing key of the SFP-DD electrical interface, targeting support of up to 3.5 W optical … More

Bluetooth

Bluetooth vulnerability allows snooping of traffic between paired devices

Researchers Eli Biham and Lior Neumann have discovered a vulnerability in two Bluetooth features that could be exploited by attackers to gain a man-in-the-middle position and to monitor and fiddle with the traffic between two devices connected via that wireless technology. “Both Bluetooth low energy (LE) implementations of Secure Connections Pairing in operating system software and BR/EDR implementations of Secure Simple Pairing in device firmware may be affected,” the Carnegie-Mellon CERT notes. The vulnerability (CVE-2018-5383) … More

patch

Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild

As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September patch dump also includes details of a spoofing vulnerability in the Windows Bluetooth driver (CVE-2017-8628), which has been disclosed as part of the BlueBorne batch of vulnerabilities. The flaw was apparently patched silently in July, but Microsoft chose to delay releasing details about it until other vendors could develop … More

geometry

Week in review: macOS security, Segway vulns, and the SOC of the future

Here’s an overview of some of last week’s most interesting news and articles: The future of macOS security: Baked-in protection and third-party tools Anyone in the information security industry who’s interested in Mac security probably knows who Patrick Wardle is. Apart from being Chief Security Researcher at Synack, he’s also the creator of a number of security tools for macOS, which he makes available for free on his Objective-See project site. Attackers are taking over … More

Apple

Apple patches critical Broadpwn vulnerability in its various OSes

Apple has released security updates for iOS, macOS (Sierra, El Capitan, and Yosemite), Safari, iCloud, iTunes, watchOS and tvOS. As per usual, the same fixed Webkit flaws abound in all of the updates, as it is the web browser engine used by Safari, App Store, and many other applications. Among the other plugged holes a few stand out, for various reasons: Among the WebKit flaws, there’s one disclosed to Apple by the UK’s National Cyber … More