From Security Weekly Wiki
- Cisco Releases Security Advisory for Telnet Vulnerability in IOS XE Software | CISA - Proof of concept code that is currently available results in high CPU usage on the affected device. To recover the device, a power cycle needs to occur.
- Apache Releases Security Advisory for Apache Tomcat | CISA
- The man behind Cardplanet credit card market sentenced to 9 years in prison
- Python Arbitrary File Write Prevention: The Tarbomb - As an example of how this could work, imagine you’re on your MacBook trying to open a file you just downloaded from your email, accounts_2020_06.tar.gz. From your downloads folder, you would expect the archive to be extracted into a new folder named accounts_2020_06. However, what if the archive contained a file with the path ../.bash_profile and contained a modified version of a bash profile that opened a backdoor on your system? If taken literally, this malicious file would overwrite your valid bash profile and you wouldn’t even know it.
  Luckily, the macOS archive utility and many other decompression tools check for these scenarios. However, not all do, case in point — tarfile, part of the Python standard library, is vulnerable to this type of attack when used out of the box.
- Unpatched Wi-Fi Extender Opens Home Networks to Remote Control
- The Internet is too unsafe: We need more hackers
- Remote employees encounter 59 risky URLs per week - Help Net Security
- How To Build A Secure Browser For Organizations - Lots of stuff here, but I want more details on this: Our idea is to create an Active Policy Agent AI Agent in the Broker module, one ideally updated by private blockchain like the one in BETA at Oasis Labs. The policies in the browser could be updated from a reliable source in real-time while the AI module makes decisions about safety based on derived variants of the threats before they are found by threat researchers. He also mentions one of our sponsors, ExtraHop (the author does not work for ExtraHop).
- Driver Vulnerabilities Facilitate Attacks on ATMs, PoS Systems | SecurityWeek.Com
- Researchers Show How Hackers Can Target ICS via Barcode Scanners | SecurityWeek.Com
- Things that happen every four years: Olympic Games, Presidential elections, and now new Mac ransomware - Malwarebytes director of Mac and Mobile Thomas Reed said in one sample he analyzed, the malware posed as an installer for the legit, and highly useful, network monitoring tool Little Snitch. EvilQuest has also been spotted pretending to be music-making suite Ableton Live and tuning software Mixed in Key. K7 threat researcher Dinesh Devadoss also reported discovering the ransomware masquerading as a Google software update.
- Firefox 78 is out with a mysteriously empty list of security fixes - This is bad: At the moment [2020-07-01T11:00Z], the security fixes in the new version are a mystery! The release notes directed us to the official security fixes page, but there wasn’t any entry for Firefox 78.
- Securing the International IoT Supply Chain - Schneier on Security - The basic problem we try to solve is: how do you enforce IoT security regulations when most of the stuff is made in other countries? And our solution is: enforce the regulations on the domestic company that's selling the stuff to consumers.
- Netgear is releasing fixes for ten issues affecting 79 products - All around the world it's the same song, er vulnerability: Multiple Netgear devices contain a stack buffer overflow in the httpd web server’s handling of upgrade_check.cgi, which may allow for unauthenticated remote code execution with root privileges.
- Microsoft fixes two RCE flaws affecting Windows 10 machines - Help Net Security - What initially seemed like critical out-of-band patches for Windows 10 and Windows Server 2019 systems turned out to be slightly less urgent patches since the flaws affect only Windows 10 systems and only those users who have installed the optional HEVC or “HEVC from Device Manufacturer” media codecs from Microsoft Store, limiting thusly the pool of machines open to attack.
- Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking - The attacks stem from one of the two possible ways the gateway can be taken over: either by a compromised machine inside the corporate network that leverages an incoming benign connection to attack the Apache gateway or a rogue employee who uses a computer inside the network to hijack the gateway.
- 'GoldenSpy' Malware Targets Businesses Operating in China | SecurityWeek.Com
- Running nmap as an unprivileged user - SecWiki
- Exploring Kernel Networking: BPF Hook Points, Part 1
- Exploring Kernel Networking: BPF Hook Points, Part 2 - Say "hello" to my little friend! - Articles for Developers Building High Performance Systems
- New A Shared File System for Your Lambda Functions | Amazon Web Services