Remote management and access tools are great things for IT staff to use, but if they are not set up correctly or they have bugs hidden in the code they can quickly become a nightmare. Intel’s AMT (Active Management Technology) suite of tools recently was found to have a rather nasty little surprise hidden in them. It seems that a flaw in the way their SOL (Serial on LAN) tool runs combined with the way Windows deals with AMT allowed attackers to use AMT to deploy malware and to exfiltrate data from a compromised system.
The life of a security researcher is not all beer and pizza. In most cases the days are long and very few seem to appreciate what you are doing. From the stand point of a security researcher they are the good guys trying to help push an agenda of security. They spend countless hours finding the holes in code and hardware before the “bad guys” do. Sure there are bug bounty programs that pay fairly well and some researchers work for larger firms, but it is not all about the money or attribution.
Over the weekend there was a lot of talk about how Windows in particular is vulnerable to a flaw that is linked to SMB. This flaw could allow someone to grab user information by forcing a redirect to a malicious server using the SMB protocol. The way it works is pretty simple; if you give someone a URL that begins with the work “file” then Windows (and some other systems) will think that you want to use SMB to connect to a file share. If the server that the link (URL) points to uses even basic authentication then you can try and tempt a user to put in their own credentials and grab them during the exchange.
Remember how Ubisoft offered that free game to everyone that had issues with AC Unity? Well despite many people thinking that this was to make things right it was really all about making sure that Ubisoft did not end up the target of a law suit. According to multiple sources on the internet there is verbiage in the EULA that says you are giving up any and all rights to sue Ubisoft over the issues present in AC Unity. To call this a jackass move on the part of Ubisoft is something of an understatement.
Just when you thought it could not get any worse for Ubisoft it turns out that the patch they designed to fix all of the broken stuff is also sort of broken. According to a post on the Assassin’s Creed Unity site some Xbox owners were seeing a 40GB download when they were trying to grab patch 4 for the game. It seems that the patch was attempting to re-download the entire game and simply overwrite all of the game files instead of just trying to replace the messed up ones.
One of the biggest issues in security is not the number of bad guys out there or the number of zero day exploits that exist in the wild. Sadly it is that far too many companies and people do not update their devices and software. Now I know that it is a pain to run updates on every device you own, but in most cases these updates are important. This is the case we find with the recent brouhaha over a version of cryptolocker (SynoLocker) that appears to target Synology NAS devices with an older (and unpatched) version of Disk Station Manager (DSM).
Remember the news about the “locked” out graphical features in Watch Dogs? Well Ubisoft has finally released a statement about those options and a claim as to why they were hidden in the first place. According to Ubisoft the reason they were hidden had nothing to do with denying users game settings. It was all about “possible impacts on visual fidelity, stability, performance and overall gameplay quality”.
After taking a pretty big hit from the HeartBleed bug OpenSSL I back in the new for an additional six bugs that put user data at risk. Security researchers have discovered a number of additional bugs in OpenSSl that can be used to allow malicious persons to spy on communication. Fortunately for the masses (about two thirds of internet sites use OpenSSL) these new bugs are not as easy to exploit as Heartbleed was.
Mozilla is the version 28 of browser Firefox for the first time significantly changed the user interface from the issue of Firefox 4 back in 2011.