Week 50 In Review – 2016

Events Related

Tools

  • GRASSMARLIN – github.com
    GRASSMARLIN provides IP network situational awareness of industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks to support network security.

Techniques

  • Secure Rom extraction on iPhone 6s – ramtin-amin.fr
    Secure ROM, also known as bootrom, is the very first piece of software that a CPU will run in order to get initialized, and find a way to boot the next stage. This same ROM, in a trusted environment, could verify the signature of the next stages it loads, in order to check its integrity.
  • Research Diary: Bluetooth. Part 2 – insinuator.net
    Recently we posted the first part of our Bluetooth research diary. Today, we want to continue on that topic and tell you about Bluetooth proxying and packet replay with a new tool.
  • Passwordreq No – A hacker prospective – room362.com
    I was having one of those moments in a recent conversation on the NoVA Hackers mailing list. The question came up as to what the effect of “Password Required: No” in a net user UserName is.

Vulnerabilities

  • Tesco Bank cyber attack involved guesswork, study claims – www.theguardian.com
    A team of academics claims an unsophisticated type of cyber attack that exploits “flaws” in the Visa card payment system was probably used to defraud Tesco Bank customers of £2.5m last month.
  • New Kit, Same Player: Top 10 Vulnerabilities Used by Exploit Kits in 2016 – www.recordedfuture.com
    According to updated Recorded Future analysis, Adobe (Flash Player) and Microsoft products (Internet Explorer, Silverlight, Windows) continue to provide the primary avenue of access for criminal exploit kits. While nation-state targeting of political efforts has dominated information security headlines in 2016, criminals continue to deliver ransomware and banking trojans using new exploit kits targeting new vulnerabilities.
  • Yahoo fixes flaw allowing an attacker to read any user’s emails – www.zdnet.com
    Yahoo has fixed a severe security vulnerability in its consumer email service that could have allowed an attacker to read a victim’s email inbox. The cross-site scripting (XSS) attack only required a victim to view an email in Yahoo Mail.
  • Multiple Netgear routers are vulnerable to arbitrary command injection – kb.cert.org
    Netgear R7000, firmware version 1.0.7.2_1.1.93 and possibly earlier, and R6400, firmware version 1.0.1.6_1.0.4 and possibly earlier, contain an arbitrary command injection vulnerability. By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers.

Other News

  • American And British Spy Agencies Targeted In-Flight Mobile Phone Use – theintercept.com
    In the trove of documents provided by former National Security Agency contractor Edward Snowden is a treasure. It begins with a riddle: “What do the President of Pakistan, a cigar smuggler, an arms dealer, a counterterrorism target, and a combatting proliferation target have in common? They all used their everyday GSM phone during a flight.”
