Enlarge / Using the attached device, an attacker's remote control on the right is able to hijack the original remote control on the left. (credit: Jonathan Andersson)

The advent of inexpensive consumer drones has generated a novel predicament for firefighters, law-enforcement officers, and ordinary citizens who encounter crafts they believe are interfering with their safety or privacy. In a series of increasingly common events—several of them chronicled by Ars—drones perceived as trespassing have been blown out of the sky with shotguns. Firefighters have also complained that hobbyist drones pose a significant threat that sometimes prompts them to ground helicopters.

Now, a researcher has demonstrated a significantly more subtle and proactive remedy that doesn't involve shotgun blasts or after-the-fact arrests by law enforcement. It's a radio transmitter that seizes complete control of nearby drones as they're in mid-flight. From then on, the drones are under the full control of the person with the hijacking device. The remote control in the possession of the original operator experiences a loss of all functions, including steering, acceleration, and altitude. The hack works against any drone that communicates over DSMx, a widely used remote control protocol for operating hobbyist drones, planes, helicopters, cars, and boats.

Besides hijacking a drone, the device provides a digital fingerprint that's unique to each craft. The fingerprint can be used to identify trusted drones from unfriendly ones and potentially to provide forensic evidence for use in criminal or civil court cases. Unlike most other counter-drone technologies publicly demonstrated to date, it isn't a frequency jammer that merely prevents a remote control from communicating with a drone. Instead, it gives the holder the ability to completely seize control of the unmanned craft. It was presented on Wednesday at the PacSec 2016 security conference in Tokyo by Jonathan Andersson, the advanced security research group manager at Trend Micro's TippingPoint DVLab division.

Read 9 remaining paragraphs | Comments

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
WordPress Zotpress Plugin 'shortcode.ajax.php' SQL Injection Vulnerability
Cisco Prime Collaboration Provisioning CVE-2016-6451 Multiple Cross Site Scripting Vulnerabilities
Cisco IP Interoperability and Collaboration System Local Privilege Escalation Vulnerability
Cisco IP Interoperability and Collaboration System CVE-2016-6429 Cross Site Scripting Vulnerability
Cisco Hosted Collaboration Mediation Fulfillment Cross Site Request Forgery Vulnerability
Cisco AsyncOS CVE-2016-1480 Remote Security Bypass Vulnerability
Cisco AsyncOS CVE-2016-6357 Remote Security Bypass Vulnerability
Cisco AsyncOS for Email and Web Security Appliances Remote Security Bypass Vulnerability
perl-DBD-MySQL CVE-2016-1246 Remote Buffer Overflow Vulnerability
DBD::mysql CVE-2014-9906 Incomplete Fix Use After Free Remote Code Execution Vulnerability
Cisco Identity Services Engine CVE-2016-6453 SQL Injection Vulnerability
WordPress admin-font-editor Plugin CVE-2016-1000126 Cross Site Scripting Vulnerability
libTIFF CVE-2016-8331 Type Confusion Remote Code Execution Vulnerability
Firejail CVE-2016-9016 Remote Privilege Escalation Vulnerability

Adobe today released a critical update for Flash Player. The update was released outside of Adobes regular patch cycle. [1]

The singled vulnerability fixed by this update, CVE-2016-7855, has already been exploited in targeted attacks against Windows.

Windows, Linux and Mac versions are affected, including versions embedded in Chrome and Edge/Internet Explorer 11.

Please expedite this update, and review that Flash does not start automatically in your browser but only if enabled by the user for a specific site. Consider removing Flash whenever possible.


Johannes B. Ullrich, Ph.D.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
LibTIFF 'libtiff/tif_pixarlog.c' Heap Buffer Overflow Vulnerability
OpenSSL CVE-2016-6303 Integer Overflow Vulnerability

Johannes B. Ullrich, Ph.D.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
WordPress anti-plagiarism Plugin 'js.php' Cross Site Scripting Vulnerability
Red Hat CloudForms Management Engine CVE-2016-7040 Remote Command Execution Vulnerability
Multiple Cloud Foundry Foundation Products CVE-2016-6655 Command Injection Vulnerability
389 Directory Server CVE-2016-5405 Information Disclosure Vulnerability
CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation
[SECURITY] [DSA 3700-1] asterisk security update
[SECURITY] [DSA 3701-1] nginx security update
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
7-Zip DLL Loading Local Code Execution Vulnerability
Oracle VM VirtualBox CVE-2016-5610 Local Security Vulnerability
Internet Storm Center Infocon Status