Tag Archives: Exploit

[ISN] Hacking Team’s Leak Helped Researchers Hunt Down a Zero-Day

www.wired.com/2016/01/hacking-team-leak-helps-kaspersky-researchers-find-zero-day-exploit/

By Kim Zetter
Security
Wired.com
01/13/16

ZERO-DAY EXPLOITS ARE a hacker’s best friend. They attack vulnerabilities in software that are unknown to the software maker and are therefore unpatched. Criminal hackers and intelligence agencies use zero day exploits to open a stealth door into your system, and because antivirus companies also don’t know about them, the exploits can remain undetected for years before they’re discovered.

Until now, they’ve usually been uncovered only by chance. But researchers at Kaspersky Lab have, for the first time, discovered a valuable zero-day exploit after intentionally going on the hunt for it. And they did so by using only the faintest of clues to find it.

The malware they found is a remote-code execution exploit that attacks a vulnerability in Microsoft’s widely used Silverlight software—a browser plug-in Netflix and other providers use to deliver streaming content to users. It’s also used in SCADA and other industrial control systems that are installed in critical infrastructure and industrial facilities.

The vulnerability, which Microsoft called “critical” in a patch released to customers on Tuesday, would allow an attacker to infect your system after getting you to visit a malicious website where the exploit resides—usually through a phishing email that tricks you into clicking on a malicious link. The attack works with all of the top browsers except Chrome—but only because Google removed support for the Silverlight plug-in in its Chrome browser in 2014. […]


[ISN] When the Internet of Things Starts to Feel Like the Internet of Shit

motherboard.vice.com/read/when-the-internet-of-things-starts-to-feel-like-the-internet-of-shit

By LORENZO FRANCESCHI-BICCHIERAI
STAFF WRITER
Motherboard.vice.com
December 17, 2015

If you listen to tech companies’ marketing reps, the future is made of internet connected devices that seamlessly talk to each other, as well as your smartphone, and turn your good-old house into a truly sci-fi-esque smart home where you don’t even need to think about turning up the heat or turning off the lights.

Behold the shiny and intelligent future of the Internet of Things. What they don’t tell you is that as we put software into old-fashioned home appliances, there will be bugs that’ll make those appliances useless. The WiFi goes down? Put on a sweater because your smart thermostat might stop working. A lightbulb malfunctions? Your whole smart home stops working.

And with bugs, there will be hackers ready to exploit them, either to creep out babies through hackable baby monitors, or to steal Gmail credentials through smart fridges. But that hasn’t stopped companies and questionable visionaries from imagining internet connected air fresheners, toilet paper holders, and even jump ropes.

As more things from the Internet of Things start trickling into people’s homes, one Twitter account called “Internet of Shit” has been trying to shine a light into this bizarre and scary future with a steady stream of funny and smart (as in clever, not internet-connected) jokes. […]


[ISN] “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/

By Dan Goodin
Ars Technica
Dec 17, 2015

An operating system used to manage firewalls sold by Juniper Networks contains unauthorized code that surreptitiously decrypts traffic sent through virtual private networks, officials from the company warned Thursday.

It’s not clear how the code got there or how long it has been there. An advisory published by the company said that NetScreen firewalls using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are affected and require immediate patching. Release notes published by Juniper suggest the earliest vulnerable versions date back to at least 2012 and possibly earlier. There’s no evidence right now that the backdoor was put in other Juniper OSes or devices.

“During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections,” Juniper Chief Information officer Bob Worrall wrote. “Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS.”

A separate advisory from Juniper says there are two separate vulnerabilities, but stops short of describing either as “unauthorized code.” The first flaw allows unauthorized remote administrative access to an affected device over SSH or telnet. Exploits can lead to complete compromise. “The second issue may allow a knowledgeable attacker who can monitor VPN traffic to decrypt that traffic,” the advisory said. “It is independent of the first issue. There is no way to detect that this vulnerability was exploited.” […]


[ISN] When a single e-mail gives hackers full access to your network

arstechnica.com/security/2015/12/when-a-single-e-mail-gives-hackers-full-access-to-your-network/

By Dan Goodin
Ars Technica
Dec 16, 2015

When you’re a Fortune 500 company that’s a favorite target of sophisticated hackers, it often makes sense to install security appliances at the outer edges of your network to stop attacks before they get far. Now, researchers say they have uncovered a vulnerability in such a product from security firm FireEye that can give attackers full network access.

The vulnerability, which is on by default in the NX, EX, AX, FX series of FireEye products, was FireEye last week, after researchers from Google’s Project Zero privately reported it. It made it possible for attackers to penetrate a network by sending one of its members a single malicious e-mail, even if it’s never opened.

It’s not uncommon for outsiders to find such critical flaws in a security product. Still, the proof-of-concept exploit underscores that such game-over threats often extend to some of a network’s most critical equipment. As Google employee Tavis Ormandy explained in a blog post published Tuesday: […]


[ISN] Blackhole Exploit Kit Makes a Comeback

www.eweek.com/security/blackhole-exploit-kit-makes-a-comeback.html

By Robert Lemos
eWEEK.com
2015-11-19

The once-popular Blackhole exploit kit has returned, attempting to infect using old exploits but also showing signs of active development, according to researchers with security firm Malwarebytes.

Over the weekend, Malwarebytes detected attacks using older exploits for Oracle’s Java and Adobe’s Acrobat, but which attempted to deliver recently compiled malware. When Malwarebytes investigated, it found, behind the attacks, a poorly secured server that had Blackhole installed on it.

The return of Blackhole suggests that cyber-criminals may be reusing the code, which was leaked in 2011, Jérôme Segura, senior security researcher for Malwarebytes Labs, told eWEEK. “Blackhole was well-written, and we have seen in the past, like with Zeus, that a lot of criminals do not reinvent the wheel,” he said. “They will use older infrastructure and build on top of it.” […]


[ISN] Apple fixes 49 security bugs in iOS 9.1; kills jailbreak

www.zdnet.com/article/apple-fixes-security-bugs-in-ios-9-1-kills-jailbreak/

By Zack Whittaker
Zero Day
ZDNet.com
October 21, 2015

Apple has fixed 49 separate security vulnerabilities in iOS 9.1. The company, which released the software on Wednesday for iPhones and iPads, detailed the flaws in its updated security documentation.

Two of the fixes were credited to PanguTeam, a well-known jailbreak team based out of China, which earlier this month released the first jailbreak tool for devices running iOS 9. Jailbreaking (similar to “rooting” for Android phones) allows a user to gain access to more features on an iPhone or iPad, but it comes with additional security risks. It’s not illegal but it will void a user’s warranty.

Apple said a heap based buffer overflow issue could allow a malicious app “to elevate privileges,” similar to how jailbreaking works. Another flaw allows a malicious app to exploit a memory corruption issue to “execute arbitrary code with kernel privileges,” which Apple said it fixed with improved memory handling. […]


[ISN] Brit infosec bod finds Kaseya ‘master admin’ remote code exec holes

http://www.theregister.co.uk/2015/09/24/brit_infosec_bod_finds_kaseya_master_admin_remote_code_exec_holes/

By Darren Pauli
The Register
24 Sep 2015

Three remote code execution and privilege escalation flaws have been reported in the Kaseya IT management software which when chained enable unauthenticated attackers to gain ‘master admin’ status.

The remote upload holes reported by British Agile Information Security bod Pedro Ribeiro and since patched allow attackers to upload arbitrary code to Kaseya Virtual System Administrator.

Any net crim can exploit one vulnerability (CVE-2015-6922) to upload and execute arbitrary code on the server under the context of IIS. That flaw rated a severity score of 7.5 exists within the uploader.aspx page which fails to enforce authentication and does not restrict destination file paths.

A privilege escalation flaw in the same feature and also rated 7.5 in severity will make attackers ‘master admins’. […]


[ISN] FBI issues alert for IoT device security

http://www.healthcareitnews.com/news/fbi-issues-alert-iot-device-security

By Erin McCann
Managing Editor
Healthcare IT News
September 16, 2015

When the Federal Bureau of Investigation issues an alert to healthcare organizations and others warning of the serious cyber risks the Internet of Things presents, it’s probably best to pay attention.

For healthcare security folks, this means paying closer attention to the myriad IoT devices within their organizations. And they’re not necessarily all the devices you might think of. They also include things such as HVAC remotes, Wi-Fi camera, insulin dispensers, thermostats and any type of wearable and other medical devices.

These devices, FBI officials said, are notorious for having serious security deficiencies. This, combined with patching vulnerabilities, make these IoT devices an attractive target for cybercriminals.

So what are the most pressing IoT risks, according to the FBI? The first is exploiting the Universal Plug and Play protocol to gain access to these devices. The next involves taking advantage of those default passwords to transmit malicious and spam emails or swipe personal and financial data. There’s also the risk of cybercriminals overloading these devices, effectively rendering them inoperable, which could have serious consequences in the realm of healthcare. […]
