5/1/2021 0 Comments Nintendo 3Ds Browser Exploit
March 29, 2021 subscribe to our blog Enter your email address to subscribe to this blog Join 47,699 other subscribers Email Address Subscribe Popular Posts 1 Backdoor In PHP Source Code Discovered March 30, 2021 2 5G Network Slicing Vulnerabilities Risk DoS, Location Tracking, Data Theft, and Other Threats March 31, 2021 3 Insurance Giant CNA Went Offline Following A Ransomware Attack March 29, 2021 4 Malicious System Update App Targets Android Users With Malware March 29, 2021 5 FatFace Disclosed Data Breach; Turns Out It Suffered Ransomware Attack March 29, 2021 Visit BlogsBunny.com today Facebook Twitter Linkedin Youtube Reddit latesthackingnews.com 2011 - 2021 All rights reserved Latest Hacking News Privacy Preference Center Options Consent Management Cookie Settings Necessary Advertising Analytics privacy-policy Consent Management We use cookies to provide our services.Exploiting this bug could allow an adversary to MiTM attacks against gamers.The researcher won a hefty 12K bounty for reporting this bug.
Nintendo 3Ds Browser Exploit Offline Following ANintendo 3DS Vulnerability Reportedly, a security researcher discovered a critical security flaw affecting the now-discontinued Nintendo 3DS handheld gaming console. The vulnerability resided in the Nintendo 3DS handling of digital certificates. Specifically, due to improper certificate validation, it became possible for an adversary to spoof certificates and perform man-in-the-middle MiTM attacks. As described in the bug report, The SSL system module does not properly validate the x509 certificates when establishing an SSLTLS connection. Exploiting this flaw could result in dangerous consequences as an adversary could spoof any server to trick the target gamer. This includes spoofing eShop servers and extract user information, spoof connection to game servers, or simply perform MiTM for spying on communications and stealing data. This vulnerability affected all Nintendo 3DS consoles with firmware version 11.13 or below. K Bounty Awarded After discovered the vulnerability in June 2020, the researcher reported the matter to Nintendo via their HackerOne bug bounty program. Eventually, they deployed the patch with the release of Nintendo 3DS firmware version 11.14, as the researcher told The Daily Swig. The latest firmware update (11.14) patches SSLoth. The other flaws were based on SSLoth, so by updating their 3DS, gamers should be safe. If theyre not willing to update, Id recommend not using any untrusted DNS or proxy server, but doing so does not mean theyre safe. Besides patching the bug, Nintendo also awarded the researcher with a hefty bounty of 12,168. The researcher has named this exploit SSLoth about which, he has shared the technical details on GitHub here. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world Reach out to me at: email protected previous post Livecoin Cryptocurrency Exchange Hacked Losing Control Of All Servers next post Main areas to consider before implementing a new virtualized SQL server You may also like DuckDuckGo Offers Privacy Better Than Just Browser Tracking. April 1, 2021 Airlift Patched OTP Vulnerability Allowing Airlift Express Account. April 1, 2021 MobiKwik Suffered Data Breach 3.5M Customers Data. March 31, 2021 Two Linux Vulnerabilities Could Allow Bypassing Spectre Attack. March 31, 2021 5G Network Slicing Vulnerabilities Risk DoS, Location Tracking. March 31, 2021 Serious Vulnerability In Netmask npm Package Risked 270K. March 31, 2021 Harris Federation Education Charity Suffered Ransomware Attack March 30, 2021 Backdoor In PHP Source Code Discovered March 30, 2021 FatFace Disclosed Data Breach; Turns Out It Suffered. March 29, 2021 Researcher Patented C2FIV Technology As 2FA For Face.
0 Comments
Leave a Reply. |