Displaying items by tag: Flaws

A new flaw has been identified in the Node.js package manager, NPM. The flaw is being described as a logical flaw, but in reading over the data it seems more like a permissions flaw. The good news is that as of April 26, the flaw has been addressed by NPM, the bad is that it was in play until then. According to the researchers that discovered it, the flaw related to the way you can attach other accounts to an uploaded package.

Linux, often thought of as a more secure alternative to Microsoft, has not had an easy year. We have seen vulnerabilities that affect the iSCSI subsystem, the Extended Berkeley Packet Filter, the Polkit pkexec component bug and now two Kernel bugs. The latest one, dubbed “dirty pipe” It is a method that could allow a “local” user to overwrite read-only files including SUID flies.

Mozilla is urging users to update to the latest version of Firefox after two vulnerabilities (CVE-2022-26485 and CVE-2022-26486) have been found to be actively exploited in the wild. Both vulnerabilities are listed as use-after-free vulnerabilities. This type of vulnerability relies on issues in determining which part of an application is responsible for cleaning up used memory. By leveraging this an attacker can set up a situation where they can re-use a part of memory that was freed up by a legitimate process.

In mid-1999 software and hardware developers uncovered a bug of sorts that, at first glance, seemed like it would end the computer world as we know it. It was called the Y2K bug and centered around the issue that somehow developers and built their code to with the first two digits of the year input field as hard coded to 19. This mean that when everything rolled over to year 2000, computers and software would see it as 1900. Not exactly where you want to be.

There is an old saying that say, what someone can lock, someone else can unlock. This is usually used regarding attackers getting into a network or compromising protected data. It is not often applied to security researchers unlocking information encrypted by a major ransomware threat group. However, this is exactly what has happened as researchers at Kookmin University in South Korea say they have utilized a flaw in the encryption method used by Hive Ransomware to find a way to unlock it.

Although it will not come as a surprise, there seems to be yet another bug in Adobe’s flash player that allows for an attacker to potentially take control of a system by forcing a crash of the application. According to TrendMicro, CVE 2015-5123 is a critical bug in the latest version of Flash player for Linux, Windows, and OSX operating systems. Adobe has already released a customer advisory stating they are already aware of this flaw being exploited in the wild.

Over the weekend there was a lot of talk about how Windows in particular is vulnerable to a flaw that is linked to SMB. This flaw could allow someone to grab user information by forcing a redirect to a malicious server using the SMB protocol. The way it works is pretty simple; if you give someone a URL that begins with the work “file” then Windows (and some other systems) will think that you want to use SMB to connect to a file share. If the server that the link (URL) points to uses even basic authentication then you can try and tempt a user to put in their own credentials and grab them during the exchange.

Privacy on the internet is a hard thing to achieve. For starters there are tons of companies that are very interested in what you do and where you go online so they can get you to buy things. On top of that there are the spying eyes of the government watching to make sure you are not a bad guy and storing all of this data in massive warehouses. This mass data collection seems to exist in every single device we own; from laptops to phone to smart TVs. It is enough to make someone paranoid, or at least to look for some form of privacy when connected to the internet.

The world lives in fear of zero-day exploits although the average person does not even know it. A zero-day exploit is a bug or a flaw that has not been discovered by the developers yet, but is known to someone outside. This can be good guys, bad guys or other, but it is still a flaw that can be used to do harm to a computer system and no one has a patch for it yet. When the good guys (security researchers) know about them they work with companies to patch them. When the bad guys know about these things get very ugly indeed. But what happens if someone knows about one (or a bunch of them) and does not tell anyone at all?

When you are a sysadmin there is nothing like waking up to not one, but two troubling bits of news. The first one centers on a new and fun Zero-Day vulnerability that affects just about every version of windows that Microsoft still supports. Dubbed Sandworm by iSight, the security firm that discovered it this bug exploits yet another flawed internal mechanism in Microsoft’s OS.