Week 32 In Review – 2015

Events Related


  • Server-Side Template Injection – blog.portswigger.net
    Template engines are widely used by web applications to present dynamic data via web pages and emails. Unsafely embedding user input in templates enables Server-Side Template Injection, a frequently critical vulnerability that is extremely easy to mistake for Cross-Site Scripting (XSS), or miss entirely.


  • Gone in Less Than a Second – threatpost.com
    Kamkar has built a new device that is about the size of a wallet and can intercept the codes used to unlock most cars and many garage doors. The device can be hidden underneath a vehicle and when the owner approaches and hits the unlock button on her key or remote, the device grabs the unique code sent by the remote and stores it for later use.
  • SSH Weak Diffie-Hellman Group Identification Tool – blog.gdssecurity.com
    The LogJam attack against the TLS protocol allows a man-in-the-middle attacker to downgrade a TLS connection such that it uses weak cipher suites (known as export cipher suites). More precisely, the attack forces a Diffie-Hellman (DH) key exchange based on a weak group.
  • Lockheed Open Sources Its Secret Weapon In Cyber Threat Detection – www.darkreading.com
    The cybersecurity team at Lockheed Martin will share some defensive firepower with the security community at Black Hat this week with the open source release of an internal advance threat tool it has been using in house for three years now.
  • Hacking A Phone’s GPS May Have Just Got Easier – www.forbes.com
    A team of researchers at Chinese Internet security firm Qihoo 360 claim they’ve found a way to make a GPS emulator that can falsify the GPS location of smartphones and in-car navigation systems, more cheaply.
  • BLEKey Device Breaks RFID Physical Access Controls – threatpost.com
    A device the size of a quarter that can be installed in 60 seconds on a proximity card reader could potentially be used to break physical access controls in 80 percent of deployments. The device, dubbed BLEKey, is used to read cleartext data sent from card readers to door controllers to either clone cards or feed that data to a mobile application that can be used to unlock doors at any number of installations.


  • Zimperium releases Stagefright detection tool and vulnerability demo video – betanews.com
    Now the mobile security company has released additional details about how the exploit works. To help explain the vulnerability, a video has been produced which uses a Stagefright demonstration to illustrate it in action. Zimperium has also released an Android app that checks devices for the vulnerability.
  • Mass ‘Dark Web’ Scanning With PunkSPIDER – alex.hyperiongray.com
    A while back we did some work in scanning Tor hidden services for vulnerabilities. We did a massive scan of the Tor network for web app vulnerabilities as part of our PunkSPIDERproject and released these as part of our PunkSPIDER Community Edition.


  • Manipulating WSUS to Own Enterprises – threatpost.com
    Two researchers this week at the Black Hat conference, however, point out that WSUS can be a significant weakness that can lead to the complete compromise of any server or desktop in an organization hooked up to the automated update service.
  • Web’s random numbers are too weak, researchers warn – www.bbc.com
    The data scrambling systems used by millions of web servers could be much weaker than they ought to be, say researchers. A study found shortcomings in the generation of the random numbers used to scramble or encrypt data.
  • Welcome to The Internet of Compromised Things – blog.codinghorror.com
    It’s becoming more and more common to see malware installed not at the server, desktop, laptop, or smartphone level, but at the router level. Routers have become quite capable, powerful little computers in their own right over the last 5 years, and that means they can, unfortunately, be harnessed to work against you.
  • Attack on Macs
    Researchers have found that several known vulnerabilities affecting the firmware of all the top PC makers can also hit the firmware of MACs. What’s more, the researchers have designed a proof-of-concept worm for the first time that would allow a firmware attack to spread automatically from MacBook to MacBook, without the need for them to be networked.

  • Man-In-The-Cloud Owns Your DropBox, Google Drive — Sans Malware – www.darkreading.com
    Using no malware or stolen credentials, attackers could obtain complete access to a user’s Google Drive or DropBox account, steal data, and corrupt legitimate files with malicious code to infect target users. It’s called a man-in-the-cloud attack, and is undetectable by both perimeter and endpoint security tools.

Other News

  • Tech Firm Ubiquiti Suffers $46M Cyberheist – krebsonsecurity.com
    Networking firm Ubiquiti Networks Inc. disclosed this week that cyber thieves recently stole $46.7 million using an increasingly common scam in which crooks spoof communications from executives at the victim firm in a bid to initiate unauthorized international wire transfers.
  • How Safe Are Gas Pumps From Hackers? – asia.pcmag.com
    A pair of researchers from Trend Micro set up honeypots to look at what kind of attacks are targeting gasoline pumps and related technology.
  • Russia hacks Pentagon computers: NBC, citing sources – cnbc.com
    U.S. officials tell NBC News that Russia launched a “sophisticated cyberattack” against the Pentagon’s Joint Staff unclassified email system, which has been shut down and taken offline for nearly two weeks.
  • Effect of Hacking on Stock Price, Or Not? – taosecurity.blogspot.com
    This is a terrible crime that I would not wish upon anyone. My interest in this issue has nothing to do with Ubiquiti as a company, nor is it intended as a criticism of the company. The ultimate fault lies with the criminals who perpetrated this fraud.

Leave A Comment