An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.

AgeCommit message (Expand)AuthorFilesLines 2022-09-04Merge tag 'wireless-next-2022-09-03' of git://git.kernel.org/pub/scm/linux/ke...David S. Miller1\-1/+1 2022-09-03wifi: mac80211: fix double SW scan stopJohannes Berg1\-1/+1 2022-08-25wifi: mac80211: Fix UAF in ieee80211\_scan\_rx()Siddh Raman Pant1\-4/+7 2022-07-15wifi: mac80211: fix multi-BSSID element parsingJohannes Berg1\-4/+8 2022-06-20wifi: mac80211: move interface config to new structJohannes Berg1\-1/+1 2022-05-04mac80211: upgrade passive scan to active scan on DFS channels after beacon rxFelix Fietkau1\-0/+20 2021-09-23mac80211: always allocate struct ieee802\_11\_elemsJohannes Berg1\-6/+10 2021-05-31mac80211: fix skb length check in ieee80211\_scan\_rx()Du Cheng1\-5/+16 2020-09-28mac80211: convert S1G beacon to scan resultsThomas Pedersen1\-4/+13 2020-09-28mac80211: s1g: choose scanning width based on frequencyThomas Pedersen1\-0/+17 2020-09-28nl80211/cfg80211: support 6 GHz scanningTova Mussai1\-2/+7 2020-07-31mac80211: remove unused flags argument in transmit functionsMathy Vanhoef1\-1/+1 2020-07-31mac80211: use same flag everywhere to avoid sequence number overwriteMathy Vanhoef1\-4/+3 2020-07-31nl80211: S1G band and channel definitionsThomas Pedersen1\-0/+1 2020-05-31mac80211: Add HE 6GHz capabilities element to probe requestIlan Peer1\-8/+9 2020-05-31mac80211: avoid using ext NSS high BW if not supportedJohannes Berg1\-0/+6 2020-04-24mac80211: add freq\_offset to RX statusThomas Pedersen1\-1/+2 2020-04-24mac80211: handle channel frequency offsetThomas Pedersen1\-0/+1 2020-02-21cfg80211: remove support for adjacent channel compensationEmmanuel Grumbach1\-2/+1 2019-10-07mac80211: fix scan when operating on DFS channels in ETSI domainsAaron Komisar1\-2/+28 2019-06-19treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500Thomas Gleixner1\-4/+1 2019-02-08mac80211: support multi-bssidSara Sharon1\-2/+9 2019-02-08mac80211: move the bss update from elements to an helperSara Sharon1\-70/+80 2019-02-08mac80211: pass bssids to elements parsing functionSara Sharon1\-35/+40 2018-11-09mac80211: allow hardware scan to fall back to softwareJohannes Berg1\-4/+18 2018-06-30Merge tag 'mac80211-next-for-davem-2018-06-29' of git://git.kernel.org/pub/sc...David S. Miller1\-6/+50 2018-06-15mac80211: support scan features for improved scan privacyJohannes Berg1\-5/+30 2018-06-15mac80211: split ieee80211\_send\_probe\_req()Johannes Berg1\-2/+20 2018-06-15mac80211: add probe request building flagsJohannes Berg1\-3/+4 2018-06-12treewide: kzalloc() -> kcalloc()Kees Cook1\-1/+1 2018-03-21mac80211: inform wireless layer when frame RSSI is invalidTosoni1\-1/+3 2017-09-21mac80211: oce: enable receiving of bcast probe respRoee Zamir1\-9/+28 2017-04-28cfg80211: add request id to cfg80211\_sched\_scan\_\*() apiArend Van Spriel1\-2/+2 2017-04-28mac80211: separate encoding/bandwidth from flagsJohannes Berg1\-4/+4 2017-04-28mac80211: clean up rate encoding bits in RX statusJohannes Berg1\-4/+4 2016-12-13mac80211: Remove unused 'len' variableKirtika Ruchandani1\-5/+3 2016-09-15mac80211: fix scan completed tracingJohannes Berg1\-1/+1 2016-07-06mac80211: report failure to start (partial) scan as scan abortJohannes Berg1\-2/+3 2016-07-06mac80211: Add support for beacon report radio measurementAvraham Stern1\-8/+34 2016-07-06nl80211: support beacon report scanningAvraham Stern1\-2/+7 2016-04-12cfg80211: remove enum ieee80211\_bandJohannes Berg1\-6/+6 2016-04-05mac80211: Support a scan request for a specific BSSIDJouni Malinen1\-1/+3 2016-04-05mac80211: allow drivers to report CLOCK\_BOOTTIME for scan resultsJohannes Berg1\-1/+3 2016-01-26mac80211: Requeue work after scan complete for all VIF types.Sachin Kulkarni1\-1/+11 2016-01-14mac80211: handle sched\_scan\_stopped vs. hw restart raceEliad Peller1\-0/+8 2015-12-02mac80211: do not actively scan DFS channelsAntonio Quartulli1\-4/+5 2015-11-03mac80211: don't reconfigure sched scan in case of wowlanEliad Peller1\-5/+7 2015-10-14mac80211: remove PM-QoS listenerJohannes Berg1\-1/+0 2015-10-13mac80211: use new cfg80211\_inform\_bss\_frame\_data() APIJohannes Berg1\-10/+9 2015-06-10mac80211: convert HW flags to unsigned long bitmapJohannes Berg1\-5/+5 2015-06-09mac80211: ignore invalid scan RSSI valuesSara Sharon1\-1/+7 2015-06-02mac80211: rename single hw-scan flag to follow naming conventionJohannes Berg1\-3/+3 2015-03-30mac80211: IBSS fix scan requestJanusz.Dziedzic@tieto.com1\-9/+16 2015-01-23mac80211: complete scan work immediately if quiesced or suspendedLuciano Coelho1\-0/+5 2015-01-14mac80211: don't defer scans in case of radar detectionEliad Peller1\-1/+1 2015-01-14mac80211: remove local->radar\_detect\_enabledEliad Peller1\-1/+1 2015-01-14mac80211: let flush() drop packets when possibleEmmanuel Grumbach1\-2/+2 2014-11-19mac80211: allow drivers to support NL80211\_SCAN\_FLAG\_RANDOM\_ADDRJohannes Berg1\-10/+38 2014-11-19mac80211: rcu-ify scan and scheduled scan request pointersJohannes Berg1\-30/+49 2014-11-19mac80211: remove redundant checkEliad Peller1\-1/+1 2014-09-05mac80211: add Intel Mobile Communications copyrightJohannes Berg1\-0/+1 2014-08-26mac80211: scan: Replace rcu\_assign\_pointer() with RCU\_INIT\_POINTER()Andreea-Cristina Bernat1\-1/+1 2014-06-25mac80211: split sched scan IEsDavid Spinadel1\-23/+24 2014-06-25mac80211: support more than one band in scan requestDavid Spinadel1\-25/+60 2014-05-09mac80211: handle failed restart/resume betterJohannes Berg1\-5/+10 2014-04-09mac80211: use RCU\_INIT\_POINTERMonam Agarwal1\-5/+5 2014-03-19mac80211: release sched\_scan\_sdata when stopping sched scanAlexander Bondar1\-2/+4 2014-02-20mac80211: allow driver to return error from sched\_scan\_stopJohannes Berg1\-1/+1 2014-02-11mac80211: fix IE buffer lenDavid Spinadel1\-5/+2 2013-12-16mac80211: reschedule sched scan after HW restartDavid Spinadel1\-14/+39 2013-12-16Merge remote-tracking branch 'wireless-next/master' into mac80211-nextJohannes Berg1\-1/+1 2013-12-06Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-1/+1 2013-12-05mac80211: start\_next\_roc only if scan was actually runningEliad Peller1\-1/+3 2013-12-05mac80211: determine completed scan type by defined opsEliad Peller1\-8/+7 2013-12-03mac80211: remove duplicate codeEliad Peller1\-8/+0 2013-11-25cfg80211: consolidate passive-scan and no-ibss flagsLuis R. Rodriguez1\-5/+5 2013-11-25mac80211: fix scheduled scan rtnl deadlockJohannes Berg1\-1/+1 2013-11-04Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-0/+19 2013-10-23Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1\-0/+19 2013-10-09mac80211: correctly close cancelled scansEmmanuel Grumbach1\-0/+19 2013-09-26mac80211: change beacon/connection pollingStanislaw Gruszka1\-2/+1 2013-07-16mac80211: allow scanning for 5/10 MHz channels in IBSSSimon Wunderlich1\-6/+39 2013-07-16mac80211: select and adjust bitrates according to channel modeSimon Wunderlich1\-2/+25 2013-06-13mac80211: track AP's beacon rate and give it to the driverAlexander Bondar1\-0/+9 2013-04-16mac80211: parse VHT channel switch IEsJohannes Berg1\-1/+1 2013-04-08mac80211: check ERP info IE length in parserJohannes Berg1\-3/+2 2013-03-25mac80211: Use a cfg80211\_chan\_def in ieee80211\_hw\_conf\_chanKarl Beldan1\-3/+3 2013-03-18mac80211: pass queue bitmap to flush operationJohannes Berg1\-2/+2 2013-03-11mac80211: remove a few set but unused variablesJohannes Berg1\-3/+0 2013-02-15mac80211: add radar detection command/eventSimon Wunderlich1\-0/+3 2013-02-11mac80211: Add flushes before going off-channelSeth Forshee1\-0/+3 2013-02-11mac80211: Fix tx queue handling during scansSeth Forshee1\-3/+6 2013-02-11mac80211: introduce beacon-only timing dataJohannes Berg1\-1/+4 2013-02-11cfg80211: pass wiphy to cfg80211\_ref\_bss/put\_bssJohannes Berg1\-1/+2 2013-01-31mac80211: improve latency and throughput while software scanningStanislaw Gruszka1\-27/+5 2013-01-31mac80211: start auth/assoc timeout on frame statusJohannes Berg1\-1/+2 2013-01-31mac80211: remove unused mesh data from bssJohannes Berg1\-9/+0 2013-01-31mac80211: remove last\_probe\_resp from bssJohannes Berg1\-3/+0 2013-01-28Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-10/+5 2013-01-16mac80211: synchronize scan off/on-channel and PS statesStanislaw Gruszka1\-10/+5 2013-01-03mac82011: use frame control to differentiate probe resp/beaconEmmanuel Grumbach1\-5/+4 2013-01-03mac80211: fix dtim\_period in hidden SSID AP associationJohannes Berg1\-12/+0 2013-01-03mac80211: fix ibss scanningStanislaw Gruszka1\-10/+24 2012-12-11Merge branch 'for-john' of git://git.sipsolutions.net/mac80211-nextJohn W. Linville1\-1/+1 2012-12-10mac80211: a few whitespace fixesJohannes Berg1\-1/+1 2012-12-06Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jber...John W. Linville1\-9/+12 2012-11-30mac80211: make ieee80211\_build\_preq\_ies saferJohannes Berg1\-9/+12 2012-11-26Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jber...John W. Linville1\-8/+1 2012-11-23cfg80211: use DS or HT operation IEs to determine BSS channelJohannes Berg1\-8/+1 2012-11-21Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-1/+1 2012-10-31mac80211: init sched\_scan\_iesDavid Spinadel1\-1/+1 2012-10-18mac80211: add support for tx to abort low priority scan requestsSam Leffler1\-4/+17 2012-10-17mac80211: use channel contextsJohannes Berg1\-2/+2 2012-10-16mac80211: track whether to use channel contextsJohannes Berg1\-0/+4 2012-09-07net/mac80211/scan.c: removes unnecessary semicolonPeter Senna Tschudin1\-1/+1 2012-09-06mac80211: don't hang on to sched\_scan\_iesJohannes Berg1\-25/+14 2012-09-06Merge remote-tracking branch 'mac80211/master' into mac80211-nextJohannes Berg1\-2/+1 2012-08-20mac80211: pass channel to ieee80211\_send\_probe\_reqJohannes Berg1\-1/+2 2012-08-20mac80211: check operating channel in scanJohannes Berg1\-5/+4 2012-07-30mac80211: don't clear sched\_scan\_sdata on sched scan stop requestEliad Peller1\-1/+0 2012-07-30Merge remote-tracking branch 'wireless/master' into mac80211Johannes Berg1\-58/+65 2012-07-24mac80211: fix scan\_sdata assignmentJohannes Berg1\-1/+1 2012-07-20Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-54/+62 2012-07-12mac80211: add time synchronisation with BSS for assocJohannes Berg1\-1/+2 2012-07-12mac80211: redesign scan RXJohannes Berg1\-34/+23 2012-07-12mac80211: track scheduled scan virtual interfaceJohannes Berg1\-10/+10 2012-07-12mac80211: make scan\_sdata pointer usable with RCUJohannes Berg1\-9/+24 2012-07-12mac80211: fix invalid band deref building preq IEsArik Nemtsov1\-0/+3 2012-06-12Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-2/+2 2012-06-06mac80211: unify SW/offload remain-on-channelJohannes Berg1\-2/+2 2012-06-04net: Remove casts to same typeJoe Perches1\-2/+1 2012-05-09mac80211: Convert compare\_ether\_addr to ether\_addr\_equalJoe Perches1\-1/+1 2012-04-23mac80211: Support on-channel scan option.Ben Greear1\-26/+69 2012-04-13mac80211: remove ieee80211\_rx\_bss\_getMohammed Shafi Shajakhan1\-14/+0 2012-04-13mac80211: do not scan and monitor connection in parallelStanislaw Gruszka1\-1/+28 2012-03-28mac80211: fix oper channel timestamp updationRajkumar Manoharan1\-1/+1 2012-03-07mac80211: Filter duplicate IE idsPaul Stewart1\-20/+51 2012-03-05mac80211: use compare\_ether\_addr on MAC addresses instead of memcmpFelix Fietkau1\-1/+2 2012-01-05Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-1/+1 2012-01-04mac80211: fix scan state machineMohammed Shafi Shajakhan1\-1/+1 2011-12-19net: fix assignment of 0/1 to bool variables.Rusty Russell1\-1/+1 2011-11-30mac80211: revert on-channel work optimisationsJohannes Berg1\-2/+2 2011-11-22Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torval...John W. Linville1\-0/+1 2011-11-11mac80211: simplify scan state machineJohannes Berg1\-122/+77 2011-10-31net: Add export.h for EXPORT\_SYMBOL/THIS\_MODULE to non-modulesPaul Gortmaker1\-0/+1 2011-10-25Merge branch 'pm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds1\-1/+1 2011-10-11mac80211: pass no-CCK flag through to HW scanJohannes Berg1\-0/+1 2011-09-27mac80211: Send the management frame at requested rateRajkumar Manoharan1\-1/+2 2011-08-25PM QoS: Move and rename the implementation filesJean Pihet1\-1/+1 2011-07-19mac80211: implement scan supported ratesJohannes Berg1\-3/+3 2011-07-11Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-1/+2 2011-07-07mac80211: fix ie memory allocation for scheduled scansLuciano Coelho1\-1/+2 2011-06-27mac80211: Drop DS Channel PARAM in directed probePaul Stewart1\-1/+2 2011-06-27mac80211: restrict advertised HW scan ratesJohannes Berg1\-2/+3 2011-06-17mac80211: add cancel\_hw\_scan() callbackEliad Peller1\-16/+21 2011-05-27mac80211: Remove duplicate linux/slab.h include from net/mac80211/scan.cJesper Juhl1\-1/+0 2011-05-16mac80211: abort scan\_work immediately when the device goes downRajkumar Manoharan1\-0/+5 2011-05-12cfg80211/mac80211: avoid bounce back mac->cfg->mac on sched\_scan\_stoppedLuciano Coelho1\-6/+27 2011-05-11mac80211: add support for HW scheduled scanLuciano Coelho1\-0/+99 2011-05-10mac80211: don't drop frames where skb->len < 24 in ieee80211\_scan\_rx()Luciano Coelho1\-1/+1 2011-03-07mac80211: fix scan race, simplify codeJohannes Berg1\-40/+24 2011-02-09mac80211: Ensure power-level set properly for scanning.Ben Greear1\-1/+8 2011-02-09mac80211: Allow scanning on existing channel-type.Ben Greear1\-4/+2 2011-02-04mac80211: Optimize scans on current operating channel.Ben Greear1\-25/+63 2011-01-21cfg80211: Extend channel to frequency mapping for 802.11jBruno Randolf1\-1/+2 2010-10-07mac80211: fix sw scan lockingJohannes Berg1\-2/+1 2010-10-06mac80211: avoid uninitialized var warning in ieee80211\_scan\_cancelJohn W. Linville1\-3/+4 2010-10-06mac80211: compete scan to cfg80211 if deferred scan fail to startStanislaw Gruszka1\-0/+2 2010-10-06mac80211: do not requeue scan work when not neededStanislaw Gruszka1\-12/+3 2010-10-06mac80211: assure we also cancel deferred scan requestStanislaw Gruszka1\-10/+25 2010-10-06mac80211: keep lock when calling \_\_ieee80211\_scan\_completed()Stanislaw Gruszka1\-36/+39 2010-10-06mac80211: reduce number of \_\_ieee80211\_scan\_completed callsStanislaw Gruszka1\-22/+29 2010-09-24mac80211: Add DS Parameter Set into Probe Request on 2.4 GHzJouni Malinen1\-1/+2 2010-09-24mac80211: Filter ProbeReq SuppRates based on TX rate maskJouni Malinen1\-1/+1 2010-08-27mac80211: allow scan to complete from any contextJohannes Berg1\-8/+26 2010-08-16mac80211: per interface idle notificationJohannes Berg1\-0/+2 2010-08-16mac80211: unify scan and work mutexesJohannes Berg1\-15/+15 2010-08-04mac80211: fix scan locking wrt. hw scanJohannes Berg1\-14/+0 2010-07-29mac80211: allow drivers to request DTIM periodJohannes Berg1\-0/+4 2010-07-28Revert "mac80211: fix sw scan bracketing"Luis R. Rodriguez1\-2/+2 2010-06-21mac80211: Fix compile warning in scan.c.Gertjan van Wingerde1\-1/+1 2010-06-18mac80211: fix sw scan bracketingJohannes Berg1\-2/+2 2010-05-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6Linus Torvalds1\-19/+107 2010-05-05Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-13/+40 2010-05-03mac80211: improve IBSS scanningJohannes Berg1\-1/+27 2010-04-28mac80211: do not wip out old supported ratesStanislaw Gruszka1\-10/+11 2010-04-27mac80211: give virtual interface to hw\_scanJohannes Berg1\-2/+2 2010-04-15Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-0/+2 2010-04-11Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/ne...David S. Miller1\-0/+1 2010-04-08mac80211: enhance tracingJohannes Berg1\-0/+2 2010-03-30include cleanup: Update gfp.h and slab.h includes to prepare for breaking imp...Tejun Heo1\-0/+1 2010-03-09mac80211: Improve software scan timingHelmut Schaa1\-6/+65 2010-02-08Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...John W. Linville1\-8/+19 2010-02-08mac80211: fix deferred hardware scan requestsJohannes Berg1\-8/+10 2010-01-26mac80211: wait for beacon before enabling powersaveJohannes Berg1\-4/+0 2010-01-12mac80211: add U-APSD client supportKalle Valo1\-0/+18 2010-01-12mac80211: fix a few work bugsJohannes Berg1\-0/+1 2010-01-06Revert "mac80211: replace netif\_tx\_{start,stop,wake}\_all\_queues"John W. Linville1\-5/+5 2010-01-05mac80211: No need to include WEXT headers hereJouni Malinen1\-1/+0 2009-12-28mac80211: Generalize off-channel operation helpers from scan codeJouni Malinen1\-150/+6

CVE-2022-41674: git/torvalds/linux.git - Linux kernel source tree

A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.

CVE-2022-42721

In the Linux kernel 5.8 through 5.19.14, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.

'1204125?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2022-42722: Invalid Bug ID

Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.

'1204059?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2022-42720: Invalid Bug ID

At Next '22, Google Cloud announces updates to its trusted cloud ecosystem with new Sovereign Solutions initiative and partnerships spanning critical areas of cybersecurity.

SUNNYVALE, Calif., Oct. 11, 2022 /PRNewswire/ -- Google Cloud today announced a significant expansion of its trusted cloud ecosystem, highlighting new integrations and offerings with more than twenty partners focused on enabling greater data sovereignty controls, supporting Zero Trust models, unifying identity management, and improving endpoint security for global businesses.

Global businesses face growing challenges in cybersecurity and data protection, as cyber threats become increasingly sophisticated, hybrid work becomes the norm, and governments adopt new requirements for data sovereignty and control. Google Cloud provides businesses with industry-leading, end-to-end security capabilities to support customers across their cloud and on-premises environments—and today it is announcing a series of partnerships that extend its leadership as an open and trusted cloud.

By embracing its ecosystem of partners, Google Cloud is ensuring that global businesses have choice and flexibility to work with leading cybersecurity vendors and to deliver diverse sets of applications on infrastructure compliant with growing data protection requirements.

"Providing businesses with extensible cybersecurity solutions in the cloud, and a collaborative ecosystem of partners, is the only practical approach to addressing enterprises' greatest cybersecurity challenges," said Sunil Potti, VP, Cloud Security at Google Cloud. "Our partners play a critical role in keeping customers secure and compliant, whether enabling secure hybrid work, safeguarding critical infrastructure, or meeting stringent data residency requirements."

"Success with today's digital business platforms requires a connected and trusted ecosystem of partners to help ensure better security outcomes for customers," said Prem Iyer, VP, GSI and CSP Ecosystems at Palo Alto Networks. "We remain committed to continuing our momentum with Google Cloud, delivering best-in-class solutions that simplify cloud security for our joint customers while improving their security posture."

"The Symantec Enterprise Division and Google Cloud are committed to addressing critical requirements of governments and highly regulated industries to establish sovereignty over data at rest, in use, and in transit," said Rob Greer, VP and GM at Symantec Enterprise Division, Broadcom. "The Google Cloud Ready–Sovereign Solutions program provides Symantec customers with a transparent and flexible approach to meet local data security and privacy laws, across our cybersecurity solutions."

**Bringing partner applications to European sovereign clouds**  
Google Cloud is announcing a new Google Cloud Ready–Sovereign Solutions program to help customers identify partner applications validated to be compatible with Google Cloud's portfolio of Sovereign Solutions, including partner offerings from T-Systems in Germany and S3NS in France. This program will give customers the confidence to continue using applications that are critical to their business while meeting their digital sovereignty objectives.

Today, a diverse group of software partners are committing to validate their platforms for this program, including Aiven, Broadcom (Symantec), Cloud Software Group (Citrix), Climate Engine, Commvault, Confluent, Datadog, DataIKU, Dell Technologies, Elastic, Fortinet, Gitlab, Iron Mountain, LumApps, MongoDB, NetApp, OpenText, Palo Alto Networks, Pega Systems, Siemens, SUSE, Thales, Thought Machine, Veeam, and VMware.

**Expanding Zero Trust architecture with partners**  
Businesses around the world utilize Google Cloud's BeyondCorp Enterprise Zero Trust solution to enable secure access to applications and resources and to safeguard data. In 2020, Google Cloud announced the BeyondCorp Alliance, creating an ecosystem of partners to help enable customers to integrate products and utilize information from leading security vendors including CrowdStrike, Palo Alto Networks, VMware, and more.

Today, Google Cloud is taking a significant step forward in the extensibility of its Zero Trust offerings by partnering with Palo Alto Networks to ensure customers can embrace a ZTNA 2.0 strategy, protecting all users and applications on devices connected across any network.

**Simplifying identity management across platforms**  
Unified identity management is another critical component to secure hybrid work, because it safely eliminates the need to maintain separate user identities across multiple platforms. Alongside its own Identity and Access Management products, Google Cloud is announcing new integrations with ForgeRock, JumpCloud, Okta, and Ping Identity that will automatically extend identity management capabilities and policies to joint customers, adding significant value to investments customers have already made, and helping further secure commonly-used applications.

**Improving endpoint security and operations**  
These partnerships build on Google Cloud's existing ecosystem of endpoint and security operations partners. Strong endpoint protection helps businesses maintain data security while giving their workforces the flexibility to access key applications and information seamlessly across devices, including mobile phones, desktops, laptops, and more. Through its Chronicle Security Operations platform, Google Cloud offers a modern, cloud-first suite that better enables cybersecurity teams to detect, investigate, and respond to threats.

Google Cloud's ecosystem of partners like CrowdStrike, Cybereason, and Fortinet integrate their platforms with Chronicle, ensuring customers have the flexibility and choice to modernize their endpoint security operations.

With the addition of Mandiant to Google Cloud, endpoint partners will also have opportunities to deepen their integrations with Google Cloud's end-to-end security operations suite, with even greater capabilities to support customers across their cloud and on-premises environments.

**Delivering implementation and managed services through systems integrators**  
Google Cloud's top systems integrators including Deloitte will provide implementation customization and managed services for customers, bringing together Google Cloud's capabilities in security analytics, threat intelligence, automation, and SecOps with those of its ecosystem to help customers more quickly prevent and respond to cyber threats.

Learn more about Google Cloud's ecosystem of security partners here.

**About Google Cloud**  
Google Cloud accelerates every organization's ability to digitally transform its business. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

SOURCE Google Cloud

Google Cloud Advances Partnerships with 20-Plus Software Companies Focused on Digital Sovereignty and Cybersecurity

Silent Eight announced an extension to its existing partnership with HSBC to tackle financial crime.

LONDON, Oct. 11, 2022 /PRNewswire/ -- The new service will cover the deployment of Negative News Screening that leverages machine learning to identify individuals who pose a greater risk for money laundering, fraud or terrorist financing. As financial crime continues to present a challenge, banks need to pivot to an increased use of Machine Learning within compliance, and move away from manual processes or alert scoring.

Silent Eights' solution provides a more effective approach to address true matches and resolve the issue of false identifications. With this expansion, Silent Eight will be solving name screening matches across every risk type within HSBC.

"HSBC is dedicated to drive AI innovation in the financial services field, and with Silent Eight's capabilities, we continue our focus on tackling financial crime more effectively and make the industry safer. We are excited to see the value that they will create by integrating Negative News screening into our platforms," said Mark Turkington, Group Head of Financial Crime Detection.

Silent Eight CRO, Matt Leaney, said, "Working with a technology leader like HSBC who is embracing machine learning within compliance is a pleasure for us. It is a true partnership of shared goals and interests, we look forward to deepening our relationship and supporting their goals for many years to come."

**About Silent Eight:**

Silent Eight makes crime bad business and with its banking, insurance and payment partners is responsible for stopping bad actors accessing the financial system Silent Eight leads the world in Artificial Intelligence solutions for the compliance challenges of today and tomorrow. Spanning customers and transactions, covering Sanctions, Adverse News, PePs and monitoring Silent Eight ensures all potential risks are investigated and decided quickly, accurately and consistently.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

HSBC and Silent Eight Expand Machine Learning Partnership

Resistant AI and ComplyAdvantage launch AI transaction monitoring solution to combat fraud and money laundering.

LONDON, Oct. 11, 2022 /PRNewswire-PRWeb/ -- Holvi, the digital banking service for small businesses, is among the initial group of customers to implement the AI-driven solution to manage their financial crime risk.

Resistant AI, the AI and machine learning financial crime prevention specialists, and ComplyAdvantage, the financial industry's leading source of AI-driven financial crime risk data and detection technology, today announced the general availability of their solution for fighting financial crime across  
the U.S. and Europe.

Financial crime is a multi-trillion-dollar problem. According to the \[United Nations, the estimated amount of money laundered globally in one year is 2 - 5% of global GDP, or 800 billion - 2 trillion US dollars. While the cost of fraud and money laundering to financial organizations and other businesses is significant, the cost and damage to economies and society as a whole is immeasurable.

Adding Resistant AI's capabilities to ComplyAdvantage's transaction risk monitoring platform extends anti-money laundering (AML) and anti-fraud protections offered to financial institutions and other businesses by:

\-- Enabling them to detect previously unknown patterns of behavior and identify new risks faster.  
\-- Delivering alert prioritization so organizations can focus on the highest-risk areas and make the best use of their investigative resources.

With these capabilities, organizations can transition to a more dynamic approach to financial crime that uncovers novel behavior as it happens.

"Effectiveness and efficacy are key to scaling," comments Valentina Butera, Head of AML and AFC Operations at Holvi. "Integrating an AI-driven transaction monitoring solution means we can grow our customer base without growing our headcount at the same rate. With Resistant AI and ComplyAdvantage, we can manage our known risks more efficiently while also identifying and adapting to previously unknown risks."

Martin Rehak, founder, and CEO at Resistant AI, commented, "We are delighted that our joint solution is now available to drive game-changing efficiency gains. Alert prioritization, the ability to make systems more effective and identify previously unknown risks enables the most effective use of investigative resources and ensures a true risk-based approach."

"In a complex, rapidly shifting world, criminals continue to find new ways to exploit financial services to launder the proceeds of their crimes. At ComplyAdvantage, we are passionate about giving our clients the best tools to protect themselves - and their customers - from these bad actors and fight back.

The addition of Resistant AI's capabilities will allow our clients to do just that," said Charles Delingpole, founder, and CEO at ComplyAdvantage.

Today's announcement coincides with the launch of a new thesis paper on AI in transaction monitoring. Co-authored by ComplyAdvantage and Resistant AI, it explores how customers like Holvi can increase the speed and accuracy with which they monitor transactions for fraud and other financial crime risks.

**About Resistant AI**

Founded in 2019, Resistant AI uses AI and machine learning to provide identity forensic solutions that protect automated financial services from fraud and manipulation, including customer onboarding, AML and existing fraud detection systems. The Resistant AI founding team has a deep background in machine learning, artificial intelligence and computer security with more than 15 years of experience applying AI in the computer security domain. Backed by GV (formerly Google Ventures), Index Ventures, Credo Ventures, Seedcamp, and several angel investors specializing in financial technology and security, Resistant AI is headquartered in Prague with offices in London and New York.

Visit resistant.ai to learn more.

**About ComplyAdvantage**

ComplyAdvantage is the financial industry's leading source of AI-driven financial crime risk data and detection technology. ComplyAdvantage's mission is to neutralize the risk of money laundering, terrorist financing, corruption, and other financial crime. More than 500 enterprises in 75 countries rely on ComplyAdvantage to understand the risk of who they're doing business with through the world's only global, real-time database of people and companies. The company identifies thousands of risk events daily from millions of structured and unstructured data points.

ComplyAdvantage has four global hubs in New York, London, Singapore, and Cluj-Napoca and is backed by Goldman Sachs, Ontario Teachers', Index Ventures, and Balderton Capital. Learn more at https://complyadvantage.com/.

Resistant AI and ComplyAdvantage Launch AI Transaction Monitoring Solution To Combat Fraud and Money Laundering

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.

CVE-2022-42719

Categories: News
Tags: Google

Tags:  passkeys

Tags:  Android

Tags:  Chrome

Tags:  public key

Tags:  private key

Tags:  authenticator

Tags:  WebAuthn

Passwords won't disappear any time soon, but a viable alternative is taking shape



(Read more...)




The post Android and Chrome start showing passwords the door appeared first on Malwarebytes Labs.

Google has announced that it's bringing passkey support to both Android and Chrome. On May 5, 2022, it said it would implement passwordless support in Android and Chrome and the latest annoncement about passkeys is an important step in that journey.

**Passkeys**

Passkeys are a replacement for passwords. They are faster to sign in with, easier to use, and much more secure. Sounds good, right? So, why isn’t everybody using them already? Maybe because we do a bad job at explaining how easy they are.

Although they share four letters, passkeys are nothing like passwords. They use public-key cryptography, which requires a set of two cryptographic "keys". One is public and one is private.

The public key is generated by the user and stored by whatever service the user is logging in to. When a user wants to log in, the service sends the user some data to "sign", the user encryptes it with their private key and sends it back. The service then decrypts it with the public key. If the decryption works that's proof that the owner of the private key signed the data and is therefore owner of the public key.

A user does not have to remember the public key or, heaven forbid, type it out in some form. That would only make matters worse. The public key also does not need to be kept a secret. Which means you don’t have to worry about data breaches, post-its, machine-in-the-middle attacks, or any other way it could be discovered or fall into the wrong hands, because the wrong hands are welcome to it: It is useless to them.

As long as your private key is safe, you are secure. And the private key stays on a device you own, such as a phone or hardware key, is never shared with anybody or any thing, and never leaves your possession. It's job is to prove that the public key is really yours.

**Authenticators**

So, your private key is something you hold on to, but where do you keep it, what actually does the signing with it, and how is it secured? All of this happens on devices called "authenticators".

An authenticator is a device that knows how to create and share the public key, knows how to store private keys, and knows how to use them to sign things. Authenticators can be hardware keys, phones, laptops, or any other kind of computing device. Best of all, authenticators can be a separate device from the one you're logging in on. So you can log in to a website on your laptop and use a phone paired with your laptop as the authenticator.

Since passkeys are built on industry standards, this works across different platforms and browsers—including Windows, macOS, iOS, and ChromeOS. An Android user can sign in to a passkey-enabled website using Safari on a Mac, and a Windows user can do the same using a passkey stored on their iOS device.

Before an authenticator will share a public key or sign you into a site you have to authorise it to do so using a "gesture". What constitutes a gesture is deliberately vague: It could be a button press, it could be a succesful Windows Hello face recognition, entering a PIN, or pressing a finger on your phone's fingerprint sensor.

What's important to remember here is that the gesture does not get sent to the website, it just permits the authenticator to do its work. So, if your authenticator uses a fingerprint scanner there is no need to worry your fingerprints will get sent to the website, exposed in a breach and re-used on a crime scene. Whether it’s a fingerprint, a facial scan, or anything else, the website knows nothing about the gesture at all.

**Lost passkeys**

Now your greatest worry is probably—what happens if I lose my private key or the device it’s on? This is where Google's announcement comes in. (In my eagerness to explain, I almost forgot to tell you what it was exactly that Google announced.)

The announcement is:

*   Users can create and use passkeys on Android devices, which are securely synced through the Google Password Manager.
*   Developers can build passkey support on their sites for end-users using Chrome via the WebAuthn API, on Android and other supported platforms.

Passkey synchronization makes it very hard to lose your private key: Passkeys are recoverable even in the event that all associated devices are lost.

This is similar to Apple's ability to recover a keychain. To do so, a user must authenticate with their iCloud account and password and then respond to an SMS sent to their registered phone number. With the keychain in hand, passkeys can be recovered through iCloud keychain escrow.

**Shift of responsibility**

For years the responsibility for safe authentication has been put in the wrong hands: Users'. Since we all know that the strength of a chain is never greater than that of the weakest link, we’ve been trying to improve the strength of that link. Sometimes by educating users, or yelling at them, even lying to them, or anything else that we thought could invoke a more responsible use of passwords.

What we haven’t done, or at least not as loud, is wonder how threat actors got their hands on all these username-password combination they could use in credential stuffing attacks. The answer was breaches. Asking a visitor to come up with a unique and secure password and then having thousands or even millions of them stolen doesn’t make the user feel any better about password security, does it now?

If you will allow me another analogy: In the past we sent a canary down into the mines to warn the miners if the carbon monoxide level was too high. The gases would kill the canary before killing the miners, thus providing a warning to exit the tunnels immediately. To improve that method, we didn’t start breeding stronger canaries, we improved the methods of detecting toxic gasses.

**Password less future**

For years we’ve been asking when we can get rid of passwords for good? Not yet, but this is a step closer. Now that it is available, we just have to get everyone on board.

The good news is that every modern browser already knows how to handle their part, by supporting the WebAuthn standard, so all we need now is for websites and other online resources to support it, and for vendors to create compatible authenticators.

Last year Microsoft announced that as of September 15, 2021 you can completely remove the password from your Microsoft account and use the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email to sign in to Microsoft apps and services. Together with Google and Microsoft, Apple committed to expanded support for FIDO standard to accelerate availability of password less sign-ins.

Let us know in the comments whether you agree that a better understanding of how passkeys work will make the transition go faster.

Android and Chrome start showing passwords the door

The comprehensive, multiplatform framework comes loaded with weapons, and it is likely another effort by a China-based threat group to develop an alternative to Cobalt Strike and Sliver.

Researchers have uncovered a potentially dangerous cyberattack framework targeting Windows, Linux, and Mac systems that they assess is likely already being used in the wild.

The framework consists of a new, stand-alone, command-and-control (C2) tool dubbed "Alchimist," a previously unseen remote access Trojan (RAT) called "Insekt," and several bespoke tools like a custom backdoor and malware for exploiting vulnerabilities in macOS. It also includes reverse proxies and several dual-use tools such as netcat, psexec, and an intranet-scanning tool called fscan.

"Alchimist is a new C2 framework that can be rapidly deployed and operated with relatively low technical expertise by a threat actor," says Nick Biasini, head of outreach at Cisco Talos.

**A Cobalt Strike Alternative?**

Researchers from Cisco Talos who discovered the attack framework described Alchimist as another example of threat actors trying to develop alternatives to popular post-exploit tools such as Cobalt Strike and, more recently, Sliver. 

"The emergence of such frameworks in the wild suggests that threat actors are actively trying to develop alternative solutions to popular attack frameworks ... whose increasing popularity has led to rigorous detection efforts," Biasini says. 

In a blog post on Oct. 13, Cisco Talos described Alchimist as a 64-bit Linux executable written in GoLang with a Web interface written in Simplified Chinese, the official written script for mainland China. The Insekt RAT, Alchimist's primary implant, is also implemented in GoLang. The malware features several remotely accessible capabilities that allow it to be customized via the C2 server.

"\[Alchimist\] can generate a configured payload, establish remote sessions, deploy payloads to the remote machines, capture screenshots, perform remote shellcode execution and run arbitrary commands," the report noted. Giving it those capabilities are a variety of malware tools, including a Mach-0 backdoor for macOS and a separate macOS malware dropper that exploits a known vulnerability in a root program associated with major Linux distributions (CVE-2021-4034).

Of note, the Insekt RAT implants that Alchimist generates features a wide range of capabilities that essentially makes it a Swiss Army knife for the attackers on the infected system, Biasini says.

A campaign utilizing the attack framework has been active since at least January. 

"Although Talos does not have information on the precise targeting intended in this campaign, the intention of the attacks is to compromise and establish long-term access into victim environments," Biasini says.

**Stand-Alone Frameworks**

Cisco Talos has compared the Alchimist framework with another attack framework it discovered recently, dubbed Manjusaka. In a report in August, the company described Manjusaka as a Chinese sibling of Cobalt Strike and Sliver that a threat actor was actively using in a campaign involving COVID-19 and China-themed lure documents.

Both Alchimist and Manjusaka are stand-alone, single-file-based C2 frameworks with similar design philosophies but different implementations. Both come ready to use with no installation required, and both can patch and generate implants such as the Insekt RAT on the fly, Cisco Talos said.

One feature of the new C2 that the company highlighted as being notable is its ability to generate PowerShell and wget code snippets for Windows and Linux.

The snippets give threat actors the ability to create an infection vector for Insekt RAT without having to author custom code or utilize additional tools, Biasini says. Attackers can simply add the PowerShell/wget code to a delivery vector such as a malicious document's VBA Macro or to a malicious shortcut file and then distribute it to victims for infection. 

"This offering may be an attempt by the authors to provide bonus features in the C2 framework and make it more enticing to threat actors," he notes.

Tag

#mac