Browsing category

Vulnerabilities

CHIPSEC Module That Exploits UEFI Boot Script Table Vulnerability

This vulnerability was discovered by Rafal Wojtczuk and Corey Kallenberg; check the original white paper. Around one month ago, at the 31st Chaos Communication Congress, Rafal Wojtczuk and Corey Kallenberg presented excellent research: “Attacks on UEFI security, inspired by Darth Venamis’s misery and Speed Racer” (video, white paper 1, white paper 2). The main goal of UEFI […]

Yokogawa patches widespread SCADA vulnerability

Networking process crashed by crafted packets. One of the world’s major suppliers of industrial networking kit, Japanese company Yokogawa, has alerted the world to a vulnerability in 21 of its products. The ICS-CERT advisory, here, identifies the company’s CENTUM, ProSafe-RS, STARDOM, FAST/TOOLS and other systems as being at risk. The vulns are “stack-based buffer overflow […]

Researchers Outline Vulnerabilities in Yahoo, PayPal, Magento Apps

Researchers recently discovered a smattering of vulnerabilities in web applications and mobile applications belonging to companies like Yahoo, PayPal, Magento, and Shopify that could have led to account theft, session hijacking, and phishing, among other consequences. Hadji Samir, Ebrahim Hegazy, Ayoub Ait Elmokhtar, and Benjamin Kunz Mejri, researchers with Vulnerability Lab, found the bugs earlier this […]

Android Stagefright Exploit Code Released to Public

Joshua Drake, the researcher who found the so-called Stagefright vulnerability in Android, today released exploit code to the public, which he hopes will be used to test systems’ exposure to the flaw. The move comes more than a month after vulnerability details were released in August during presentations at the Black Hat and DEF CON […]

iOS 8.4.1 Kernel Vulnerabilities in AppleHDQGasGaugeControl

When auditing the iOS kernel executable, we found that the code quality of com.apple.driver.AppleHDQGasGaugeControl is very bad. In this blog, we will disclose 3 vulnerabilities in this kernel extension on the latest public iOS (version 8.4.1). More importantly, one of these bugs is a perfect heap overflow vulnerability that allows us to defeat all kernel mitigations and […]

Microsoft Patches Graphics Component Flaw Under Attack

Microsoft today patched a vulnerability in its graphics component present in Windows, Office and Lync that has been publicly attacked, and is one of five vulnerabilities patched this month that have been publicly disclosed. Microsoft released a dozen bulletins today, five of them it rates critical, including separate updates for Internet Explorer and the new […]

WhatsApp “MaliciousCard” Vulnerabilities Allowed Attackers to Compromise Hundreds of Millions of WhatsApp Users

WhatsApp Web is a web-based extension of the WhatsApp application on your phone. The web application mirrors all messages sent and received, and fully synchronizes your phone and your desktop computer so that users can see all messages on both devices. WhatsApp Web is available for most WhatsApp supported platforms, including Android, iPhone (iOS), Windows Phone 8.x, BlackBerry, BB10 and […]

Time to patch your firmware! Backdoor discovered in Seagate NAS drives

If you have not recently updated the firmware for your Seagate wireless NAS drives, now is the time to do so. Researchers at Tangible Security have discovered a series of vulnerabilities in a number of devices produced by Seagate that could allow unauthorized access to files and settings. An undocumented Telnet feature could be used […]

Attackers bundle an old version of TeamViewer to exploit vulnerability

We’re used to seeing malware that exploits unpatched vulnerabilities in software. But in a new twist attackers are bundling an old version of remote access package TeamViewer with their malware in order to take advantage of a flaw. The malware known as TVSPY has been uncovered by researchers at security company Damballa. While the current version of TeamViewer […]

Attacker Compromised Mozilla Bug System, Stole Private Vulnerability Data

Security experts constantly tell users not to reuse passwords on multiple accounts, but the message often falls on deaf ears. Now, officials at Mozilla are finding that advanced users don’t always follow that advice either after discovering that an attacker was able to compromise a Bugzilla user’s account by using a password taken from a data […]

Netflix Sleepy Puppy Awakens XSS Vulnerabilities in Secondary Applications

Most automated scanning and security tools that ferret out cross-site scripting vulnerabilities don’t do much analysis beyond the target application. Netflix this week, however, released to open source a tool developed in-house that persists beyond the target app and can flag potential XSS trouble in secondary applications. The tool, called Sleepy Puppy, is available on […]

PayPal XSS Vulnerability Found, Fixed Before Being Exploited

A stored XSS vulnerability was identified and reported by Bitdefender’s staff to PayPal, one that could have been easily used by hackers as an entry point for further attacks. We recently posted an article based on Jack Leonard’s “How XSS Attacks Work” infographic. And as we explained in that post, the difference between reflective and […]

UPnP Trouble Puts Devices Behind Firewall at Risk

Security vulnerabilities in UPnP continue to crop up and continue to put millions of home networking devices at risk for compromise. The latest was revealed in early August, but prompted an advisory yesterday from the DHS-sponsored CERT at the Software Engineering Institute at Carnegie Mellon University. It’s called Filet-o-Firewall and it combines a number of vulnerabilities […]

Malware infecting jailbroken iPhones stole 225,000 Apple account logins

A newly discovered malware family that preys on jailbroken iPhones has collected login credentials for more than 225,000 Apple accounts, making it one of the largest Apple account compromises to be caused by malware. KeyRaider, as the malware family has been dubbed, is distributed through a third-party repository of Cydia, which markets itself as an alternative […]

Ruskie ICS hacker drops nine holes in popular Siemens power plant kit

Ilya Karpov of Russian security outfit Positive Technologies has reported nine vulnerabilities in Siemens industrial control system kit used in critical operations from petrochemical labs and power plants up to the Large Hadron Collider. The holes, now patched, also include two for Schneider Electric kit and cover a mix of remote and local exploits that […]

Dolphin and Mercury Android browsers have major vulnerabilities

Major vulnerabilities have been detected in Dolphin and Mercury Android browsers that could have provided cybercriminals with the opportunity to launch zero-day attacks. This is considered to be a notable discovery. With both browsers growing in popularity – it is estimated that over 100 million downloads have been made between the two browsers – the […]

Concerns new Tor weakness is being exploited prompt dark market shutdown

Agora dark market suspends operations after finding “suspicious activity.” A dark market website that relies on the Tor privacy network to keep its operators anonymous is temporarily shutting down amid concerns attackers are exploiting a newly reported weakness that can identify server locations. As Ars reported last month, the technique requires the adversary to control […]

Patched Ins0mnia Vulnerability Keeps Malicious iOS Apps Hidden

Apple’s monster security update of Aug. 13 included a patch for an iOS vulnerability that could beacon out location data and other personal information from a device, even if a particular task has been shut off by the user. A mobile app exploiting this vulnerability could also look benign enough to slip past Apple’s security […]