New Silex malware is bricking IoT devices, has scary plans

Posted on June 25, 2019 by mea at 3:56 pm

This also means Silex will trash Linux servers if they have Telnet ports open and if they’re secured with poor or widely-used credentials.

Source: New Silex malware is bricking IoT devices, has scary plans | ZDNet

Ruh roh!

Remotely compromise devices by using bugs in Marvell Avastar Wi-Fi

Posted on January 19, 2019 by mea at 5:05 pm

That’s why this bug is so cool and provides an opportunity to exploit devices literally with zero-click interaction at any state of wireless connection (even when a device isn’t connected to any network). For example, one can do RCE in just powered-on Samsung Chromebook. So just to summarize:

It doesn’t require any user interaction.

It can be triggered every 5 minutes in case of GNU/Linux operating system.

It doesn’t require the knowledge of a Wi-Fi network name or passphrase/key.

It can be triggered even when a device isn’t connected to any Wi-Fi network, just powered on.

Source: Remotely compromise devices by using bugs in Marvell Avastar Wi-Fi: from zero knowledge to zero-click RCE – Embedi

In this research, I used ALFA networks wireless adapter in the monitor mode, which is based on Realtek 8187 wireless chipset. The exploit can be implemented with python Scapy framework. For some reason, Ubuntu GNU/Linux distrubution isn’t good enough to inject Wi-Fi frames fast, so it is better to use Kali.

Linux systemd Affected by Memory Corruption Vulnerabilities, No Patches Yet

Posted on January 11, 2019 by mea at 2:38 pm

The bugs exist in ‘journald’ service, tasked with collecting and storing log data, and they can be exploited to obtain root privileges on the target machine or to leak information. No patches exist at the moment.

Source: Linux systemd Affected by Memory Corruption Vulnerabilities, No Patches Yet

Microsoft warns about two apps that installed root certificates then leaked the private keys

Posted on November 28, 2018 by mea at 4:53 pm

In researchers’ own words “every system on which HeadSetup […] was installed at any time in the past […] remains vulnerable” until users manually review the Trusted Root Certificate Store and remove the two certificates, or until the certificates expire –which could be January 13, 2027, or July 27, 2037, respectively.

Source: Microsoft warns about two apps that installed root certificates then leaked the private keys | ZDNet

Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months

Posted on October 17, 2018 by mea at 4:36 pm

The technique does not allow a hacker to remotely infect a computer unless that computer has been foolishly left exposed on the Internet without a password.

Source: Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months | ZDNet

Since registry keys are also boot persistent, any modifications made to an account’s RID remain permanent, or until fixed.

No, a Teen Did Not Hack a State Election

Posted on August 25, 2018 by mea at 10:53 am

Instead, students were working with look-alikes created for the event that had vulnerabilities they were coached to find. Organizers provided them with cheat sheets, and adults walked the students through the challenges they would encounter.

Source: No, a Teen Did Not Hack a State Election — ProPublica

Valve Patches Security Bug That Existed in Steam Client for the Past Ten Years

Posted on May 31, 2018 by mea at 12:46 pm

Court says an attacker was only required to send malformed UDP packets to a target’s Steam client, which would have triggered the bug and allowed him to run malicious code on the target’s PC.

Source: Valve Patches Security Bug That Existed in Steam Client for the Past Ten Years

Researchers Hacked Amazon’s Alexa to Spy On Users, Again

Posted on April 25, 2018 by mea at 3:24 pm

“On default, Alexa ends the sessions after each duration… we were able to build in a feature that kept the session going [so Alexa would continue listening]. We also wanted to make sure that the user is not prompted and that Alexa is still listening without re-prompts,” Erez Yalon, manager of Application Security Research at Checkmarx, told Threatpost.

Source: Researchers Hacked Amazon’s Alexa to Spy On Users, Again | Threatpost | The first stop for security news

Meltdown and Spectre: clearing up the confusion

Posted on January 13, 2018 by mea at 11:20 pm

For a typical user, the browser presents the highest risk, but we have yet to see proof of concept code that exploits this vulnerability through JavaScript – and browser vendors have started issuing patches as well (for example, Mozilla has issued a new version of Firefox, 57.0.4, where they have decreased the precision of time sources to make attacks such as Spectre more difficult or impossible). If you run stuff as Administrator: Spectre makes no difference for you really.

In other words: the world will end over the weekend.

Source: Meltdown and Spectre: clearing up the confusion – SANS Internet Storm Center

Windows 10 Bundles a Password Manager. Password Manager Bundles a Security Flaw

Posted on December 18, 2017 by mea at 1:13 am

“This potential vulnerability requires a Keeper user to be lured to a malicious website while logged into the browser extension, and then fakes user input by using a ‘clickjacking’ technique to execute privileged code within the browser extension,” said Craig Lurey, co-founder and CTO of Keeper Security.

Source: Windows 10 Bundles a Password Manager. Password Manager Bundles a Security Flaw

Bucktown Bell

Cut to the chase.

Tag Archives: security research