Channel: BOT24
Another update on the Truecrypt audit

There's a story on Hacker News asking what the hell is going on with Truecrypt audit. I think that's a fair question, since we have been awfully quiet lately. To everyone who donated to the project, first accept my apologies for the slow pace. I want to promise you that we're not spending your money on tropical vacations (as appealing as that would be). In this post I'd like to offer you some news, including an explanation of why this has moved slowly.

more here.........http://blog.cryptographyengineering.com/2015/02/another-update-on-truecrypt-audit.html

Paper: Glibc Adventures: The Forgotten Chunks- exploitation of heap overflows in Linux

This technical whitepaper showcases the exploitation of heap overflows in Linux
systems, often considered hard or impossible to exploit with current state-of-the-art
mitigation technologies in place. Recent work from Google Project Zero [1]
demonstrates that corrupting heap structures with a single NUL byte can still lead to
local arbitrary code execution on 32-bit binaries. This paper presents several
techniques that can be used to exploit limited heap overflows in the general case, i.e.
independently from the architecture and mitigation techniques in use, by forcing the
allocator to produce overlapping chunks in applications where the user can predict and
control the shape of heap areas. We apply this technique to a seemingly unexploitable
heap overflow found in commercial software and demonstrate that for the right
applications, exploits bypassing all modern mitigation techniques such as ASLR, PIE or
full RELRO can be constructed.

more here..........http://www.contextis.com/documents/117/Glibc_Adventures-The_Forgotten_Chunks.pdf

CVE-2015-1349: BIND - A Problem with Trust Anchor Management Can Cause named to Crash

BIND servers which are configured to perform DNSSEC validation and which are using managed-keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may terminate with an assertion failure when encountering all of the following conditions in a managed trust anchor:

a key which was previously trusted is now flagged as revoked;
there are no other trusted keys available;
there is a standby key, but it is not trusted yet
more here............https://kb.isc.org/article/AA-01235

Lenovo installs adware on customer laptops and compromises ALL SSL

A pretty shocking thing came to light this evening – Lenovo is installing adware that uses a “man-in-the-middle” attack to break secure connections on affected laptops in order to access sensitive data and inject advertising.

more here............http://marcrogers.org/2015/02/19/lenovo-installs-adware-on-customer-laptops-and-compromises-all-ssl/

and another article on the same topic, titled "Extracting the Superfish Certificate",
here....http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html#.VOYQ1PnF-So

Memory corruption in multiple camera drivers (CVE-2014-4321, CVE-2014-4324, CVE-2014-0975, CVE-2014-0976, CVE-2014-9409)

The following security vulnerability has been identified in the QuIC-authored camera drivers.

more here............https://www.codeaurora.org/projects/security-advisories/memory-corruption-multiple-camera-drivers-cve-2014-4321-cve-2014-4324

Paper: A Tangled Mass: The Android Root Certificate Stores

The security of today’s Web rests in part on the set of X.509 certificate
authorities trusted by each user’s browser. Users generally
do not themselves configure their browser’s root store but instead
rely upon decisions made by the suppliers of either the browsers
or the devices upon which they run. In this work we explore the
nature and implications of these trust decisions for Android users.
Drawing upon datasets collected by Netalyzr for Android and ICSI’s
Certificate Notary, we characterize the certificate root store population
present in mobile devices in the wild. Motivated by concerns
that bloated root stores increase the attack surface of mobile users,
we report on the interplay of certificate sets deployed by the device
manufacturers, mobile operators, and the Android OS. We identify
certificates installed exclusively by apps on rooted devices, thus
breaking the audited and supervised root store model, and also discover
use of TLS interception via HTTPS proxies employed by a
market research company.

more here.............http://www.icir.org/johanna/papers/conext14tangledmass.pdf

Using Google Cloud Platform for Security Scanning- Beta

Deploying a new build is a thrill, but every release should be scanned for security vulnerabilities. And while web application security scanners have existed for years, they’re not always well-suited for Google App Engine developers. They’re often difficult to set up, prone to over-reporting issues (false positives)—which can be time-consuming to filter and triage—and built for security professionals, not developers.

Today, we’re releasing Google Cloud Security Scanner in beta. If you’re using App Engine, you can easily scan your application for two very common vulnerabilities: cross-site scripting (XSS) and mixed content.

more here...........http://googlecloudplatform.blogspot.com/2015/02/using-google-cloud-platform-for.html

pemcrack

Cracks SSL PEM files that hold encrypted private keys. Brute forces or dictionary cracks.

more here..........https://github.com/robertdavidgraham/pemcrack

What President Obama is getting wrong about encryption

President Obama tried to walk a very fine line on encryption, the technology that secures much of the communications that occur online, during his recent visit to Silicon Valley -- saying that he is a supporter of "strong encryption," but also understands law enforcement's desire to access data.

more here..........http://www.washingtonpost.com/blogs/the-switch/wp/2015/02/19/what-president-obama-is-getting-wrong-about-encryption/

JSDialers: apps that call premium numbers (with new techniques) on Google Play

Last year, malware "Made in Spain" that tried to automatically subscribe users to premium SMS services was discovered in Google Play. For some time the problem subsided, and it was hard to find specimens of that kind, at least in Google Play. At Eleven Paths we found seven applications in recent weeks that use new techniques based on more dynamic and resourceful JavaScript, and which have thereby managed to get fraudulently into Google Play. We have called them JSDialers. Let's see how here.....http://translate.google.com.sg/translate?hl=en&sl=es&u=http://blog.elevenpaths.com/2015/02/jsdialers-apps-que-llaman-numeros.html&prev=search

Announcing a Specification for Hack

Today we are excited to announce the availability of the initial specification for the Hack programming language.

more here.........http://hhvm.com/blog/8537/announcing-a-specification-for-hack

THE GREAT SIM HEIST: HOW SPIES STOLE THE KEYS TO THE ENCRYPTION CASTLE

AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.

The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ.

more here...........https://firstlook.org/theintercept/2015/02/19/great-sim-heist/

Just another day at the office: A ZDI analyst’s perspective on ZDI-15-030

Many of us here at the ZDI are blessed to look at the world's best vulnerability research coming from researchers around the world. For those of us who work at the ZDI, it's literally nothing but zero-day, every day. And we're not just saying that; it's documented by the record number of published vulnerabilities attained last year in the history of the Zero Day Initiative program.

An interesting case came in through the program in late October from a researcher named n3phos. The report contained vulnerability information affecting the win32k.sys kernel component on Windows 8.1 x64, and the examples included in the case were very well-documented and well-written. We recently released an advisory for the case, which is ZDI-15-030 in our system. This is also known as CVE-2015-0058 to MITRE, and was addressed as part of MS15-010 by Microsoft. Here is a write-up from the submission that we felt was exceptional and wanted to share with the research community.

more here.............http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Just-another-day-at-the-office-A-ZDI-analyst-s-perspective-on/ba-p/6710637#.VOZRb_nF-So

Hacker Claims Feds Hit Him With 44 Felonies When He Refused to Be an FBI Spy

A year ago, the Department of Justice threatened to put Fidel Salinas in prison for the rest of his life for hacking crimes. But before the federal government brought those charges against him, Salinas now says, it tried a different tactic: recruiting him.

more here..........http://www.wired.com/2015/02/hacker-claims-feds-hit-44-felonies-refused-fbi-spy/

Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS)

Over the last few years, there have been several serious attacks on Transport Layer Security (TLS), including attacks on its most commonly used ciphers and modes of operation. This document summarizes these attacks, with the goal of motivating generic and protocol-specific recommendations on the usage of TLS and Datagram TLS (DTLS).

more here.........http://www.rfc-editor.org/info/rfc7457

Netflix SURUS: Robust Anomaly Detection (RAD) on Big Data

Outlier detection can be a pain point for all data-driven companies, especially as data volumes grow. At Netflix we have multiple datasets growing by 10B+ records/day, and so there's a need for automated anomaly detection tools ensuring data quality and identifying suspicious anomalies. Today we are open-sourcing our outlier detection function, called Robust Anomaly Detection (RAD), as part of our Surus project.

more here............http://techblog.netflix.com/2015/02/rad-outlier-detection-on-big-data.html

Understanding CVE-2015-0310 Flash vulnerability

The Flash vulnerability CVE-2015-0310 is fixed in a recent patch from Adobe. The vulnerability is in the RegEx result parsing code. It affects all versions below 16.0.0.287 and was patched in January 2015. Though Adobe didn't provide much information about the vulnerability fixed, and very little information is available in public, we have an exploit that exploits this vulnerability and have some information from IPS vendors' signature names (PCRE Memory Access Violation).

more here...........https://hiddencodes.wordpress.com/2015/02/20/understanding-cve-2015-0310-flash-vulnerability/

Examining the Cybercrime Underground, Part 1: Crypters

Crypters are software tools that use a combination of encryption, obfuscation, and code manipulation of malware to make them FUD (Fully Undetectable) by legacy security products.

To understand the role that crypters play in cybercrime, it’s helpful to try to understand the cybercriminal mindset. The Holy Grail for cybercriminals is fully undetectable malware that would allow them to use the same malware repeatedly without being detected by a security solution. They also want their attacks randomized to make sure that the failure of one attack won’t affect the outcome of attacks against other victims.

more here...........http://researchcenter.paloaltonetworks.com/2015/02/examining-cybercrime-underground-part-1-crypters/

You've Got to Trust Your VM Host, Or: Why Disc Encryption Won't Save You

There’s a persistent meme floating around that full-disc encryption of your VM’s discs will save you if some three-letter agency comes knocking on the door of your VM host and demands your data. This is futile. Let me explain why.

Let me make this as clear as I possibly can: when your VM is running, after you have unlocked the disc encryption, the only key I need to decrypt your encrypted partition is present in the RAM of your guest.

more here..........http://blackkettle.org/blog/2015/02/19/youve-got-to-trust-your-vm-host/

Superphish script to silently intercept SSL on computers infected with Superfish malware

This script will silently intercept SSL connections made from computers infected with Superfish malware on the local network. All traffic will be logged to 'superphish.log'. It works in three stages:

Activates packet forwarding
ARP poisoning
SSL interception with Superfish CA keys

more here...........https://github.com/0xPoly/Superphish