Difference between revisions of "Template:PSW652NewsPaulAsadoorian"

From Security Weekly Wiki
Jump to navigationJump to search
Line 4: Line 4:
 
#[https://www.exploit-db.com/exploits/48491 Pi-Hole - heisenbergCompensator Blocklist OS Command Execution (Metasploit)] - Interesting exploit, it does require authentication (but then allows for a root shell).
 
#[https://www.exploit-db.com/exploits/48491 Pi-Hole - heisenbergCompensator Blocklist OS Command Execution (Metasploit)] - Interesting exploit, it does require authentication (but then allows for a root shell).
 
#[https://blog.rootshell.be/2020/05/21/sans-isc-malware-triage-with-floss-api-calls-based-behavior/ SANS ISC - Malware Triage with FLOSS: API Calls Based Behavior | /dev/random] - Really cool article, using FLAME to analyze potential malware samples.
 
#[https://blog.rootshell.be/2020/05/21/sans-isc-malware-triage-with-floss-api-calls-based-behavior/ SANS ISC - Malware Triage with FLOSS: API Calls Based Behavior | /dev/random] - Really cool article, using FLAME to analyze potential malware samples.
#[https://www.zdnet.com/article/hackers-target-the-air-gapped-networks-of-the-taiwanese-and-philippine-military/ Hackers target the air-gapped networks of the Taiwanese and Philippine military | ZDNet]
+
#[https://www.zdnet.com/article/hackers-target-the-air-gapped-networks-of-the-taiwanese-and-philippine-military/ Hackers target the air-gapped networks of the Taiwanese and Philippine military | ZDNet] - Interesting, see my other point below: ''Trend Micro's USBferry report is the third report of its kind published this week detailing malware developed by state-sponsored hackers that can jump across the air gap to isolated networks. The other two reports are ESET's report on the Ramsay malware and Kaspersky's report on COMpfun. All three reports show an increased interest from nation-state hacking groups into developing malware capable of breaching air-gapped networks.''
 
#[https://securityaffairs.co/wordpress/103369/breaking-news/wp-product-review-lite-xss.html Stored XSS in WP Product Review Lite plugin allows for automated takeovers]
 
#[https://securityaffairs.co/wordpress/103369/breaking-news/wp-product-review-lite-xss.html Stored XSS in WP Product Review Lite plugin allows for automated takeovers]
 
#[https://www.securityweek.com/mandrake-android-spyware-remained-undetected-4-years 'Mandrake' Android Spyware Remained Undetected for 4 Years | SecurityWeek.Com]
 
#[https://www.securityweek.com/mandrake-android-spyware-remained-undetected-4-years 'Mandrake' Android Spyware Remained Undetected for 4 Years | SecurityWeek.Com]
#[https://www.darkreading.com/vulnerabilities---threats/the-3-top-cybersecurity-myths-and-what-you-should-know/a/d-id/1337806 The 3 Top Cybersecurity Myths & What You Should Know] - Let's debate: ''Myth No. 1: The security team is going to protect me. Myth No. 2: IT professionals don't fall for cyberattacks. Myth No. 3: Cyberattacks are confined to the digital world.'' Also, on physical security: ''There are other examples, too — the Stuxnet worm that ravaged Iran's Natanz nuclear facility was delivered via a flash drive that was plugged straight into one of the facility's computers.'' Yea, they did that, however, it was in collaboration with US and Israeli spy agencies. They also likely had an insider if you factor in the infection times with the compile times and compare them across different Stuxnet version. Also, they infected Step 7 project files that were being copied on USB flash drives across the air gap. So, yes physical attacks are in play, however they are not likely to go to this length very often, unless you overtake a middle eastern country and start enriching Uranium...
+
#[https://www.darkreading.com/vulnerabilities---threats/the-3-top-cybersecurity-myths-and-what-you-should-know/a/d-id/1337806 The 3 Top Cybersecurity Myths & What You Should Know] - Let's debate: ''Myth No. 1: The security team is going to protect me. Myth No. 2: IT professionals don't fall for cyberattacks. Myth No. 3: Cyberattacks are confined to the digital world.'' Also, on physical security: ''There are other examples, too — the Stuxnet worm that ravaged Iran's Natanz nuclear facility was delivered via a flash drive that was plugged straight into one of the facility's computers.'' Yea, they did that, however, it was in collaboration with US and Israeli spy agencies. They also likely had an insider if you factor in the infection times with the compile times and compare them across different Stuxnet version. Also, they infected Step 7 project files that were being copied on USB flash drives across the air gap. So, yes physical attacks are in play, however, they are not likely to go to this length very often, unless you overtake a middle eastern country and start enriching Uranium...
 
#[https://www.securityweek.com/bluetooth-vulnerability-allows-attackers-impersonate-previously-paired-devices Bluetooth Vulnerability Allows Attackers to Impersonate Previously Paired Devices | SecurityWeek.Com]
 
#[https://www.securityweek.com/bluetooth-vulnerability-allows-attackers-impersonate-previously-paired-devices Bluetooth Vulnerability Allows Attackers to Impersonate Previously Paired Devices | SecurityWeek.Com]
 
#[https://security.googleblog.com/2020/05/enhanced-safe-browsing-protection-now.html Enhanced Safe Browsing Protection now available in Chrome]
 
#[https://security.googleblog.com/2020/05/enhanced-safe-browsing-protection-now.html Enhanced Safe Browsing Protection now available in Chrome]

Revision as of 21:18, 21 May 2020

Articles

  1. vBulletin 5.6.1 - 'nodeId' SQL Injection - And it has been released! Please use it responsibly (and patch your systems).
  2. Online Healthcare Patient Record Management System 1.0 - Authentication Bypass - Wow, just wow: The login.php file allows a user to just supply ‘ or 1=1 – as a username and whatever password and bypass the authentication. Looks like this is a small project from an individual. We need to take the time to educate...
  3. Pi-Hole - heisenbergCompensator Blocklist OS Command Execution (Metasploit) - Interesting exploit, it does require authentication (but then allows for a root shell).
  4. SANS ISC - Malware Triage with FLOSS: API Calls Based Behavior | /dev/random - Really cool article, using FLAME to analyze potential malware samples.
  5. Hackers target the air-gapped networks of the Taiwanese and Philippine military | ZDNet - Interesting, see my other point below: Trend Micro's USBferry report is the third report of its kind published this week detailing malware developed by state-sponsored hackers that can jump across the air gap to isolated networks. The other two reports are ESET's report on the Ramsay malware and Kaspersky's report on COMpfun. All three reports show an increased interest from nation-state hacking groups into developing malware capable of breaching air-gapped networks.
  6. Stored XSS in WP Product Review Lite plugin allows for automated takeovers
  7. 'Mandrake' Android Spyware Remained Undetected for 4 Years | SecurityWeek.Com
  8. The 3 Top Cybersecurity Myths & What You Should Know - Let's debate: Myth No. 1: The security team is going to protect me. Myth No. 2: IT professionals don't fall for cyberattacks. Myth No. 3: Cyberattacks are confined to the digital world. Also, on physical security: There are other examples, too — the Stuxnet worm that ravaged Iran's Natanz nuclear facility was delivered via a flash drive that was plugged straight into one of the facility's computers. Yea, they did that, however, it was in collaboration with US and Israeli spy agencies. They also likely had an insider if you factor in the infection times with the compile times and compare them across different Stuxnet version. Also, they infected Step 7 project files that were being copied on USB flash drives across the air gap. So, yes physical attacks are in play, however, they are not likely to go to this length very often, unless you overtake a middle eastern country and start enriching Uranium...
  9. Bluetooth Vulnerability Allows Attackers to Impersonate Previously Paired Devices | SecurityWeek.Com
  10. Enhanced Safe Browsing Protection now available in Chrome
  11. EasyJet data breach: 9 million customers affected - Help Net Security - Comment from a security vendor: Many, however, still need to understand that there is a better way to manage security, risk and compliance requirements and it most certainly is not ‘what we’ve always done’. In an industry that has defined ‘automation’ and ‘process efficiencies’, applying the same to Information Security would quite literally revolutionise their ability to detect, respond and mitigate against the largely traditional raft of attack TTP’s we’ve seen targeted at aviation this past decade. Agree?
  12. Vulnerability in Qmail mail transport agent allows RCE - Help Net Security
  13. Remote Code Execution Vulnerability Patched in VMware Cloud Director | SecurityWeek.Com
  14. Israel is suspected to be behind the cyberattack on Iranian port
  15. Vulnerabilities Exposed Hundreds of Thousands of QNAP NAS Devices to Attacks | SecurityWeek.Com
  16. ISC Releases Security Advisory for BIND | CISA
  17. Stealing Secrets from Developers using Websockets
  18. Chrome 83 adds DNS-over-HTTPS support and privacy tweaks
  19. Signal fixes location-revealing flaw, introduces Signal PINs - Help Net Security
  20. XSS, Open Redirect Vulnerabilities Patched in Drupal | SecurityWeek.Com - This could be so much fun: a user could be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL.
  21. The Need for Compliance in a Post-COVID-19 World
  22. Zoom to Provide Detailed Info on Upcoming End-to-End Encryption Feature | SecurityWeek.Com
  23. Google Begins Encrypting Domain Name Lookups
  24. Microsoft: we were wrong about open source - How things change: Former Microsoft CEO Steve Ballmer famously branded Linux “a cancer that attaches itself in an intellectual property sense to everything it touches” back in 2001.
  25. Official reminds public to avoid touching other people's balls as crowd giggles