MMS Exploit Part 3: Constructing the Memory Corruption Primitives
Posted by Mateusz Jurczyk, Project Zero This post is the third of a multi-part series capturing my journey from discovering a vulnerable little-known Samsung image codec, to completing a remote zero-click MMS attack that worked on the latest Samsung flagship devices. New posts will be published a...
MMS Exploit Part 2: Effective Fuzzing of the Qmage Codec
Posted by Mateusz Jurczyk, Project Zero This post is the second of a multi-part series capturing my journey from discovering a vulnerable little-known Samsung image codec, to completing a remote zero-click MMS attack that worked on the latest Samsung flagship devices. New posts will be published ...
Command injection
In the codecov npm package before version 3.7.1 the upload method has a command injection vulnerability. Clients of the codecov-node library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. A similar CVE, CVE-2020-7597 (GHSA-5q88-cjfq-g2mh), was...
MMS Exploit Part 1: Introduction to the Samsung Qmage Codec and Remote Attack Surface
Posted by Mateusz Jurczyk, Project Zero This post is the first of a multi-part series capturing my journey from discovering a vulnerable little-known Samsung image codec, to completing a remote zero-click MMS attack that worked on the latest Samsung flagship devices. New posts will be published a...
NSA on Securing VPNs
The NSA's Central Security Service -- that's the part that's supposed to work on defense -- has released two documents, a full and an abridged version, on securing virtual private networks. Some of it is basic, but it contains good information. Maintaining a secure VPN tunnel can be complex and...
Critical Vulnerability in SAP NetWeaver AS Java
Summary On July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP NetWeaver Application Server AS Java component LM Configuration Wizard. An unauthenticated attacker can exploit this vulnerability through the Hypertext Transfer...
How To Protect Your Kubernetes Cluster with Wallarm – part 1 of 3
Kubernetes clusters enable an organization to easily take advantage of containerization. While this is a huge asset, it also creates security issues. Many organizations lack visibility into the applications within their Kubernetes cluster and their attack surface. Within a Kubernetes cluster, an...
Reduce the Attack Surface of Your Container Images
Follow along as Chuck Losh, Solutions Architect, walks through a new way of thinking in how to construct distroless images from Google, using an example of a multi-stage Dockerfile method...
Long Tail Analysis: A New Hope in the Cybercrime Battle
Our hyper-connected world and its ever-faster network speeds have resulted in mountains of diverse data that needs to be processed. It has also resulted in an ever-expanding attack surface, requiring cybersecurity solutions to scale like never before. These days, scale is about more than traffic...
The Windows 7 Postmortem: What’s at Stake
In January 2020, Microsoft officially ended its extended support and discontinued patching of Windows 7. Despite the long lead time and repeated reminders, numbers since the COVID-19 pandemic have shown a slight uptick in Windows 7 deployments. The recent estimates show that more than 26 percent ...
Securing Smart Manufacturing
"Alexa, turn on the TV." "Get it yourself." This nightmare scenario could play out millions of times unless people take steps to protect their IoT devices. The situation is even worse in industrial settings. Smart manufacturing, that is, Industry 4.0, relies on tight integration between IT system...
Buffer overflow vulnerability in GE control system ACTIVEX control (CNVD-2020-26342)
General Electric GE is a global digital industrial company that creates software-defined machines that are connected, responsive and predictive to transform traditional industries. A buffer overflow vulnerability exists in the ACTIVEX control of the GE control system, which can be exploited by an...
Microsoft Windows Net Use Insufficient Authentication
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-NET-USE-INSUFFICIENT-PASSWORD-PROMPT.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows "net use" Command Connects a...
Microsoft NET USE win10 - Insufficient Authentication Logic Exploit
Title: Microsoft NET USE win10 - Insufficient Authentication Logic Date: 2020-04-04 Author: hyp3rlinx Vendor: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
How VMware Carbon Black Helps Agencies Meet CDM Requirements
When a crime is committed, one of the first things the police do is collect evidence from any security cameras nearby, and these days, cameras are everywhere. That’s a model that federal agencies want to apply to cybersecurity. This constant monitoring of systems to catch bad actors provides the...
Akamai's Prolexic Platform Completes Fifth Generation Upgrade
Akamai introduces new enhancements today to its Prolexic Routed purpose-built DDoS scrubbing service that reflect the changing nature of the threat landscape and capitalize on cloud functionality to enable maximum customer flexibility using newer deployment models. For anyone worried about DDoS...
Sifter - An OSINT, Recon And Vulnerability Scanner
Sifter is an OSINT, recon & vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within Microsoft and, if unpatched, exploit...
Introducing Guardicore Threat Intelligence Firewall
Guardicore's Threat Intelligence Firewall blocks connections to known-malicious IPs, limiting the attack surface before traffic reaches critical assets...
Intuitive and Ready-to-Use Monitoring Profiles for Compliance Regulations
Detecting changes from a baseline established for files and file paths and receiving instant alerts about them is crucial to ensure security within a monitored environment. File tampering is an indicator of illicit activity, and authorized users must be alerted whenever changes in a critical file...
Mitigations are attack surface, too
Posted by Jann Horn, Project Zero Introduction This blog post discusses a bug leading to memory corruption in Samsung's Android kernel, specifically the kernel of the Galaxy A50 (A505FN); I haven't looked at Samsung's kernels for other devices. I will describe the bug and how I wrote a very...