Search results for: broadcom

router

Cable Haunt: Unknown millions of Broadcom-based cable modems open to hijacking

A vulnerability (CVE-2019-19494) in Broadcom‘s cable modem firmware can open unknown millions of broadband modems by various manufacturers to attackers, a group of Danish researchers has warned. About CVE-2019-19494 CVE-2019-19494, also dubbed Cable Haunt, is present in the spectrum analyzer, a standard component of Broadcom chips that identifies potential problems with the connection through the modem’s coaxial cable. “The cable modems are vulnerable to remote code execution through a web-socket connection, bypassing normal CORS and … More

Accenture agrees to acquire Symantec’s Cyber Security Services business from Broadcom

Accenture has agreed to acquire Symantec’s Cyber Security Services business from Broadcom. Financial terms were not disclosed. The acquisition will make Accenture Security one of the leading providers of managed security services, further enhancing its ability to help companies rapidly anticipate, detect and respond to cyber threats. Symantec’s portfolio of Cyber Security Services includes global threat monitoring and analysis through a network of security operation centers, real-time adversary and industry-specific threat intelligence and incident response … More

Symantec

Symantec sells its name and enterprise security business to Broadcom

Symantec announced it has entered into a definitive agreement to sell its Enterprise Security assets, which include the Symantec name, to semiconductor giant Broadcom, for $10.7 billion in cash. The transaction, which was approved by Symantec’s Board of Directors, is expected to close before the end of the calendar year pending regulatory approvals. Symantec’s enterprise offerings include endpoint security, web security services, cloud security and data loss prevention solutions. “It is a testament to our … More

List of products affected by the vulnerable Broadcom UPnP stack

Recently, DefenseCode researchers have uncovered a high-risk Broadcom UPnP stack remote root vulnerability. The vulnerability is located within the wanipc and wanppp modules of the Broadcom UPnP stack, which is used by manufacturers that deliver routers based on the Broadcom chipset. The remote preauth format string vulnerability in the Broadcom UPnP stack can be exploited to write arbitrary values to an arbitrary memory address, and also to remotely read router memory. When exploited, it allows … More

High-risk Broadcom UPnP stack remote root vulnerability

Recently, DefenseCode researchers have uncovered a remote root access vulnerability in the default installation of Linksys routers. Further research revealed that the vulnerability is even more dangerous, since the same vulnerable firmware component is also used by numerous other router manufacturers. The vulnerability is located within the wanipc and wanppp modules of the Broadcom UPnP stack, which is used by manufacturers that deliver routers based on the Broadcom chipset. A variety of routers have their … More

Broadcom introduces 5G WiFi combo chip for smartphones

Broadcom introduced the BCM4335, the first complete 5G WiFi combo chip for smartphones, tablets, ultrabooks and other mobile devices. 5G WiFi, the 5th generation of Wi-Fi based on the IEEE 802.11ac standard, is an evolutionary step from the existing 802.11a/b/g/n networks. 5G WiFi improves the wireless range in the home, allowing consumers to watch HD-quality video from more devices, in more places, simultaneously. With 3X faster speeds, consumers can download web content from a mobile … More

Broadcom releases 40nm Wi-Fi and Bluetooth combo chip

Broadcom released the BCM43142 InConcert combo chip which combines Wi-Fi Direct connectivity with seamless proximity-based pairing, simplifying wireless connectivity in the home. The combo chip supports a variety of platforms including Windows and Android-based systems. The single-die BCM43142 is the industry’s first 40nm Wi-Fi Bluetooth Combo Chip for notebooks and netbooks. With its high levels of integration, it provides a significant reduction in footprint and a lower bill-of-materials and a 40 percent reduction in power … More

nCipher and Broadcom to Provide Advanced, Embedded Security Infrastructure

Las Vegas, Nevada – Networld+Interop 2004 — May 11, 2004 — nCipher plc (LSE: NCH), a leading provider of IT cryptographic security, today announced that it is collaborating with Broadcom Corporation (Nasdaq: BRCM) to improve the way security is deployed and managed in consumer and business devices such as laptop computers and network equipment. As an extension to its established strategic partnership with Broadcom, nCipher will provide security management products to support Broadcom’s BroadSAFETM security … More

lock

UPnP vulnerability lets attackers steal data, scan internal networks

A vulnerability (CVE-2020-12695) in Universal Plug and Play (UPnP), which is implemented in billions of networked and IoT devices – personal computers, printers, mobile devices, routers, gaming consoles, Wi-Fi access points, and so on – may allow unauthenticated, remote attackers to exfiltrate data, scan internal networks or make the devices participate in DDoS attacks.

Code

Best practices and challenges in adopting continuous software testing

Businesses must accelerate the shift to comprehensive continuous software testing in order to remain competitive, according to a report released by Capgemini and Broadcom. The report, based on a survey of 500 senior decision makers in corporate IT reveals that most businesses find it challenging to adapt their quality assurance and testing processes to the Agile way of working. The crux of the challenge is that organizations find it difficult to frequently deploy a large … More

Wi-Fi

Flaw affecting 1B+ Wi-Fi-enabled devices allows attackers to decrypt wireless network packets

ESET researchers have discovered Kr00k (CVE-2019-15126), a previously unknown vulnerability in Wi-Fi chips used in many client devices, Wi-Fi access points and routers. Kr00k is a vulnerability that causes the network communication of an affected device to be encrypted with an all-zero encryption key. In a successful attack, this allows an adversary to decrypt wireless network packets. About CVE-2019-15126 The discovery of Kr00k follows previous ESET research into the Amazon Echo being vulnerable to KRACKs … More

binary

Week in review: Windows crypto flaw, API security risks, exploits for Citrix security hole abound

Here’s an overview of some of last week’s most interesting news and articles: Cable Haunt: Unknown millions of Broadcom-based cable modems open to hijacking A vulnerability (CVE-2019-19494) in Broadcom‘s cable modem firmware can open unknown millions of broadband modems by various manufacturers to attackers, a group of Danish researchers has warned. High-risk Google account owners can now use their iPhone as a security key Google users who opt for the Advanced Protection Program (APP) to … More