Displaying items by tag: Exploits

There is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source Tools related to red-teaming. The debate, well really it has devolved into an argument, is very complex, nuanced, and (in full honesty) has multiple contexts that can be applied to it. However, it has become exceptionally binary. We now have the “Pro” side and the “Anti” side… The fact that this is where the line in the sand is being drawn is, well it is almost ignorant.

Published in Security Talk

Last week Progress Software, the company behind MOVEit file transfer software, announced another SQL injection flaw had been identified and patched. This flaw is just the latest in a series of vulnerabilities that have been identified in the application after the Cl0p ransomware group was found to have exploited a different SQL injection flaw to steal data from multiple MOVEit users. The attacks started in late 2022, but the Cl0p group might have been testing different entry points as far back as June 2022.

Published in News

This one goes in both the “failure of imagination” and “this is why we can’t have nice things” category. It seems that Gigabyte, for some reason, decided to embed an insecure update function into the UEFI BIOS of their motherboards, then shipped roughly 7 million of them to customers. The fatal flaw? Well, this is an update function that runs on startup. It writes a file to disk, reaches out to update servers over open HTTP then downloads any updates and installs them.

Published in News

Google pushed out a n Out-of-band patch for Chrome due to a high-severity on Friday (March 25th, 2022). The patch was pushed out quickly as the vulnerability, tracked as CVE-2022-1096 is being actively exploited in the wild. CVE-2022-1096 is a type confusion vulnerability that exists in the JavaScript Engine used by Chrome and was reported to Google by an Anonymous researcher last week.

Published in Security Talk

A shell for me, a shell for you, a shell for everybody in the room. If you have not heard about Log4J and the associated vulnerabilities in versions between 2.0 and 2.16 you might have not been near a computer in quite a while. This Remote Code Execution vulnerability that has several CVEs (common vulnerabilities and exploits) associated with it is commonly lumped into the term Log4Shell. Log4J itself is a Java based Apache logging framework that is in widespread usage in many applications. The list of impacted applications is not, and may never be, known. Many vendors have release complex mitigation steps and patches, but many devices are not getting patched (nothing surprising here). This has allowed this vulnerability to become quickly weaponized and used in targeted attacks.

Published in Security Talk

A newly released CVE (common vulnerabilities and exposures) CVE-2021-4034 for Linux has identified a vulnerability in PolKit’s (formerly PolicyKit) pkexe that exists in very major release of Linux. The vulnerability known as PwnKit can be exploited to gain full root on a target system. The flaw, according to researchers has also been present for more than 12 years.

Published in Security Talk

It seems that the stars might finally align to remove one of the largest security holes in the history of… well history itself. Oracle is announcing that it is finally getting rid of the Java Browser Plug-in… sometime. According to a blog post on the Oracle page they are aware that most (if not all) browsers are already blocking plug-ins like the one in the Java Runtime Environment. These are for security, stability and performance, and really should have been done a long time ago. Over the last few years the Java browser plug-in (along with Flash) has been the vector of choice for many web-based attacks.

Published in News

The world lives in fear of zero-day exploits although the average person does not even know it. A zero-day exploit is a bug or a flaw that has not been discovered by the developers yet, but is known to someone outside. This can be good guys, bad guys or other, but it is still a flaw that can be used to do harm to a computer system and no one has a patch for it yet. When the good guys (security researchers) know about them they work with companies to patch them. When the bad guys know about these things get very ugly indeed. But what happens if someone knows about one (or a bunch of them) and does not tell anyone at all?

Published in Editorials

Network and application security are big deals and big business these days. It seems that a day does not pass that you hear about a new breach, exploit, hack or something. This sad state has prompted a few companies to actually look outside their organizations for help and offer bug bounties to individual researchers that find holes in applications and hardware. These bounties can be quite the incentive to get people to tear into your application looking for exploits, but even more important than rewards is having a clear method to report problems and a team that actually responds to them when they are found.

Published in News

We talk a lot about security on DecryptedTech and with good reason, there are a ton of threats out there and this list just keeps getting longer. This is why we tend to get annoyed with large corporations when they either skimp on security or botch the job. This is apparently the case in with eBay owned PayPal. For a while PayPal has been highlighting their 2FA (Two Factor Authentication) as a great way to protect your financial data and it is… unless you screw up the implementation.

Published in News
Page 1 of 3