Tag Archives: vulnerability

[ISN] Researchers uncover signs of Superfish-style attacks

http://www.computerworld.com/article/2889469/researchers-uncover-signs-of-superfish-style-attacks.html By Gregg Keizer Computerworld Feb 26, 2015 Researchers at the Electronic Frontier Foundation (EFF) yesterday said that they had found evidence that implies attackers have exploited a security vulnerability in the Superfish adware and a slew of other programs. Superfish, a company that markets a visual search product, made the news last week when Lenovo was found to have pre-loaded the program on its consumer-grade PCs during a four-month span late last year. Lenovo has acknowledged that Superfish poses a security threat to customers, and has released a tool to eradicate the software. Microsoft, McAfee





[ISN] Google Launches New Incentive Program for Bug Hunters

http://www.eweek.com/security/google-launches-new-incentive-program-for-bug-hunters.html By Jaikumar Vijayan eWEEK.com 2015-02-02 Google will offer up-front grants of up to $3,133.70 to selected vulnerability researchers who will receive rewards regardless of whether they find a bug. Buoyed by the success of its existing bug-bounty program, Google has launched an initiative to reward researchers interested in finding security vulnerabilities in its products. Google’s new Vulnerability Research Grants initiative will offer up-front cash awards of up to $3,133.70 to researchers interested in taking a crack at specific Google products and services. Unlike the company’s current bug-bounty program, the new initiative will reward vulnerability researchers regardless of whether they find a bug or not. At the same time, researchers who do actually find a bug under the grants program will remain eligible for a bounty under Google’s current Security Rewards Program as well. […]



[ISN] Dating site Topface pays hacker who stole 20 million credentials

http://www.techworld.com/news/security/dating-site-topface-pays-hacker-who-stole-20-million-credentials-3596333/ By John E Dunn Techworld.com Jan 30, 2015 The ‘Mastermind’ hacker who stole 20 million user credentials from Russian dating website Topface has got an extraordinary response from his victim – an undisclosed payment for “finding” the vulnerability that led to the calamitous breach. It’s an extraordinary turn of events that would be unthinkable in almost any other country but the site justified its decision with the argument that recovering the data would end the matter once and for all. Recall that the hacker in question had tried to sell the stolen data on a crime forum which is where the breach was first noticed by a third party, US security outfit Easy Solutions. Without that discovery the data would probably have been sold on without the site realising that a breach had happened in the first place. “He [Mastermind] has confirmed the findings of our investigation and has made an agreement with Topface for no further distribution of acquired email addresses database,” the firm said in a statement. […]



[ISN] Critical Ghost bug could haunt WordPress and PHP apps, too

http://arstechnica.com/security/2015/01/critical-ghost-bug-could-haunt-wordpress-and-php-apps-too/ By Dan Goodin Ars Technica Jan 30, 2015 Add PHP applications and the WordPress Web platform to the list of wares that may be susceptible to the critical Linux vulnerability known as Ghost. As Ars reported Wednesday, the flaw resided in a variety of Linux distributions, including Centos/RHEL/Fedora 5, 6, and 7 Ubuntu 12.04, and possibly other versions. The buffer overflow made its way into those distributions through the GNU C Library, specifically in its gethostbyname() and gethostbyname2() function calls. The bug made it possible to execute malicious code by sending malformed data to various applications and services running on vulnerable systems. Proof-of-concept attack code was able to exploit the vulnerability in the Exim mail server, and researchers widely suspected clockdiff, procmail, and pppd were also susceptible. Now, researchers from security firm Sucuri have expanded the list. “We also have good reasons to believe PHP applications might also be affected, through its gethostbyname() function wrapper,” Sucuri Senior Vulnerability Researcher Marc-Alexandre Montpas wrote in a blog post published Thursday. “An example of where this could be a big issue is within WordPress itself: it uses a function named wp_http_validate_url() to validate every pingback’s post URL… and it does so by using gethostbyname(). So an attacker could leverage this vector to insert a malicious URL that would trigger a buffer overflow bug, server-side, potentially allowing him to gain privileges on the server.” […]



[ISN] What every utility should know about the new physical security standard

http://www.intelligentutility.com/article/15/01/what-every-utility-should-know-about-new-physical-security-standard By William E. Reiter intelligentutility.com Jan 29, 2015 On April 16, 2013, an incident in San Jose, California, led to development of a new physical security standard for owners and operators of transmission stations and substations. In the 2013 incident, a sniper attack on a Pacific Gas & Electric transmission substation knocked out 17 large transformers that powered Silicon Valley. The sniper attack served as a dramatic wake-up call for the industry and raised fears regarding the vulnerability of the nation’s power grid to terrorist attack. The more than 160,000 transmission line miles that comprise the U.S. power grid are designed to handle natural and man-made disasters, as well as fluctuations in demand; but what about physical attack? As a result of the San Jose assault, the Federal Energy Regulatory Commission (FERC) in April 2014 required the North America Energy Reliability Corporation (NERC) to establish Critical Infrastructure Protection (CIP) standards to “address physical security risks and vulnerabilities related to the reliable operation” of the bulk power system. NERC developed and issued what is now commonly referred to as CIP-014-1. This is a physical security standard that has a stated purpose to identify and protect transmissions stations and transmission substations and their associated primary control centers that—if rendered inoperable or damaged as a result of a physical attack—could result in uncontrolled separation or cascading within an interconnection. […]



[ISN] ‘Ghost’ flaws poses high risk to Linux distributions

http://www.computerworld.com/article/2875780/ghost-flaws-poses-high-risk-to-linux-distributions.html By Jeremy Kirk IDG News Service Jan 27, 2015 A fault in a widely used component of most Linux distributions could allow an attacker to take remote control of a system after merely sending a malicious email. The vulnerability, nicknamed “Ghost,” is in the GNU C Library known as glibc, according to security vendor Qualys, which disclosed the issue on Tuesday as many Linux distributions released patches. Glibc is a C library that defines system calls. Red Hat, Debian, Ubuntu and Novell have issued fixes. It is advised administrators should patch as soon as possible. The bug first appeared in glibc in 2000. It actually was fixed on May 21, 2013, in between versions 2.17 and 2.18, Qualys CTO Wolfgang Kandek wrote in a blog post. […]



[ISN] The tooth gnashing you hear is from Flash users installing a new 0day patch

http://arstechnica.com/security/2015/01/those-teeth-gnashings-you-hear-are-flash-users-installing-a-new-0day-patch/ By Dan Goodin Ars Technica Jan 26 2015 Adobe Systems is once again rolling out an emergency Flash update that patches a critical vulnerability under active attack to compromise the computers of unsuspecting users. The latest Flash versions fix a remote code-execution bug that, as Ars reported last week, recently came under attack in the Angler exploit kit. Malware purveyors and other types of online crooks use such kits to seed compromised websites with attack code. Once people visit the sites with vulnerable computers, the booby-trapped pages surreptitiously exploit the vulnerabilities and install backdoors that can be used to log keystrokes, steal passwords, and install new pieces of malware at will. An advisory Adobe published late last week warned that the bug resides in versions running on Windows, Macs, and Linux systems. So far, reports suggest that in-the-wild exploits are limited only to Windows systems. The vulnerability stems from a so-called use-after-free bug that allows attackers to corrupt the memory of affected computers. Trend Micro has additional technical details here. “A critical vulnerability (CVE-2015-0311) exists in Adobe Flash Player 16.0.0.287 and earlier versions for Windows and Macintosh,” the Adobe advisory stated. “Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.” […]



[ISN] NASDAQ Vulnerable to XSS

http://www.infosecnews.org/nasdaq-vulnerable-to-xss/ By William Knowles @c4i Senior Editor InfoSec News January 16, 2015 Bob Greifeld, CEO of The NASDAQ Stock Market explains in a promotional video “that NASDAQ is a technology based company, those businesses that we’re in have a unifying theme that are built upon our technology.” Top technology companies such as Google, Tesla, Amazon, and GoPro to name a few use NASDAQ as their trading exchange. When NASDAQ “goes to a developing market and provide to them our technology, it’s not just the software code, it’s all the best practices that have been developed on a global basis that they to integrate into their operations.” With this information in mind, it doesn’t explain why a security researcher named analfabestia was able to discover and report a new XSS (Cross-Site Scripting) vulnerability on NASDAQ.com on January 14, 2015, the sixth such vulnerability in nearly seven years. […]

