Written By Josh Harriman And Presented By Chuck Leaver Ziften CEO
Do you like watching movies with popular apps like Kodi, SmartTV or VLC on your devices? How about needing or wanting subtitles with those films and simply getting the current pack from OpenSubtitles. No problem, sounds like an excellent night at home. Problem is, in accordance with research by Check Point, you could be in for a nasty surprise.
For the hackers to take control of your ‘realm’, they need a vector or some method to gain entry to your system. There are some common ways that occur nowadays, such as creative (and not so creative) social engineering techniques. Getting emails that appear to come from pals or colleagues which were spoofed and you opened an attachment, or went to some website and if the stars lined up, you were pwned. Typically the star alignment part is not that hard, only that you have some vulnerable software application running that can be accessed.
Since the trick is getting users to work together, the target audience can sometimes be hard to discover. But with this latest research study published, many of the major media players have a special vulnerability when it concerns accessing and translating subtitle bundles. The 4 main media giants noted in the post are fixed to date, but as we have seen in the past (just take a look at the current SMB v1 vulnerability problem) even if a repair is available, does not suggest that users are updating. The research has likewise omitted to show the technical details around the vulnerability to permit other suppliers time to patch. That is an excellent indication and the appropriate approach I believe scientists ought to take. Notify the vendor so they can repair the problem and also announce it publicly so ‘we the people’ are notified and understand what to keep an eye out for.
It’s tough to keep up with the numerous methods you can get infected, however at least we have researchers who tirelessly attempt to ‘break’ things to discover those vulnerabilities. By performing the appropriate disclosure approaches, they assist everybody take pleasure in a more secure experience with their devices, and in this scenario, a great night in at the movies.