Week 15 In Review – 2016

Events Related

• Tailoring the NIST Cybersecurity Framework for a Precise Fit – www.tenable.com
  One thing caught my attention right away: there were two digital clocks prominently displayed on either side of the auditorium. Both clocks were synchronized, and according to my phone, they were accurate to the second. It makes sense because NIST is the keeper of the nation’s atomic clock that will neither gain nor lose one second in about 300 million years.

Resources

• Multiple vulnerabilities found in Quanta LTE routers – pierrekim.github.io
  The Quanta LTE QDH Router device is a LTE router / access point overall badly designed with a lot of vulnerabilities. It’s available in a number of countries to provide Internet with a LTE network.

• Scapy Cheat Sheet from SANS SEC560 – pen-testing.sans.org
  One of my favorite tools for fine-grained interactions with target systems during penetration testing is the mighty Scapy. While other tools are indispensable for scanning large numbers of machines, Scapy is like a fine-grained scalpel for manipulating a single target in a myriad of cool ways.

• Mossack Fonseca Breach – WordPress Revolution Slider Plugin Possible Cause – www.wordfence.com
  Mossack Fonseca (MF), the Panamanian law firm at the center of the so called Panama Papers Breach may have been breached via a vulnerable version of Revolution Slider. The data breach has so far brought down the Prime Minister of Iceland and surrounded Russian President Putin and British Prime Minister David Cameron with controversy, among other famous public figures.

• OWASP Top 10 Privacy Risks Project – www.owasp.org
  The OWASP Top 10 Privacy Risks Project provides a top 10 list for privacy risks in web applications and related countermeasures. It covers technological and organizational aspects that focus on real-life risks, not just legal issues. The Project provides tips on how to implement privacy by design in web applications with the aim of helping developers and web application providers to better understand and improve privacy.

Tools

• Swift.nV – github.com
  Security Training Tool that demonstrates common mobile application vulnerabilities using Swift in iOS

Techniques

• Practical Reverse Engineering Part 1 – Hunting for Debug Ports – jcjc-dev.com
  In this series of posts we’re gonna go through the process of Reverse Engineering a router. More specifically, a Huawei HG533. At the earliest stages, this is the most basic kind of reverse engineering. We’re simple looking for a serial port that the engineers who designed the device left in the board for debug and -potentially- technical support purposes.

Vendor/Software Patches

• Adobe Patches Flash Player Zero-Day Threat – krebsonsecurity.com
  Adobe Systems this week rushed out an emergency patch to plug a security hole in its widely-installed Flash Player software, warning that the vulnerability is already being exploited in active attacks.

Vulnerabilities

• Pwncloud – bad crypto in the Owncloud encryption module – blog.hboeck.de
  To anyone knowing anything about crypto this sounds quite weird. AES and RSA are very different algorithms – AES is a symmetric algorithm and RSA is a public key algorithm – and it makes no sense to replace one by the other. Also RSA is much older than AES.

• NoScript and other popular Firefox add-ons open millions to new attack – arstechnica.com
  The attack is made possible by a lack of isolation in Firefox among various add-ons installed by an end user. The underlying weakness has been described as an extension reuse vulnerability because it allows an attacker-developed add-on to conceal its malicious behavior by invoking the capabilities of other add-ons.

• CVE-2016-1019: A New Flash Exploit Included in Magnitude Exploit Kit – www.fireeye.com
  Magnitude EK recently updated its delivery chain. It added a profile gate, just like Angler EK, which collects the screen’s dimensions and color depth.

Other News

• ‘CyberUL’ Launched For IoT, Critical Infrastructure Device Security – www.darkreading.com
  UL today rolled out its anticipated—and voluntary–Cybersecurity Assurance Program (UL CAP), which uses a newly created set of standards for IoT and critical infrastructure vendors to use for assessing security vulnerably and weaknesses in their products.

• Over 135 million modems vulnerable to denial-of-service flaw – www.zdnet.com
  The vulnerability, found in a modem used in millions of US households, can allow an attacker with access to the network to remotely reset the device, which wipes out the internet provider’s settings and causing a denial-of-service attack. Every person and device on the network will permanently lose access to the internet until the modem owner contacts their internet provider.