Week 15 In Review – 2017


Events Related 

Resources 

  • Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 2) – googleprojectzero.blogspot.com
    In this blog post we’ll continue our journey into gaining remote kernel code execution, by means of Wi-Fi communication alone. Having previously developed a remote code execution exploit giving us control over Broadcom’s Wi-Fi SoC, we are now left with the task of exploiting this vantage point in order to further elevate our privileges into the kernel.
  • Protecting customers and evaluating risk – blogs.technet.microsoft.com
    Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandably, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and most of the exploits are already patched.

Vendor/Software Patches

  • Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop – threatpost.com
    Among the patches are fixes for vulnerabilities uncovered at Pwn2Own, the hacking competition held alongside CanSecWest last month in Vancouver. A team of hackers from Qihoo 360 exploited a heap overflow in the way Reader parsed JPEG2000 images to take down the PDF software on the competition’s first day.
  • Microsoft Patches Word Zero-Day Spreading Dridex Malware – threatpost.com
    Attacks were spreading via a massive spam campaign in which emails carried malicious Microsoft Word attachments that exploited a vulnerability in the way Microsoft handles OLE2Link objects. According to researchers, the attacks were effective at bypassing most mitigation efforts.

Vulnerabilities

  • Travel Routers, NAS Devices Among Easily Hacked IoT Devices – threatpost.com
    Jan Hoersch, an IT security consultant at Securai GmbH, a small pen-testing firm based in Munich, described vulnerabilities that affected off-the-shelf IoT devices such as travel routers and retinal scanners in a talk at Kaspersky Lab’s Security Analyst Summit.
  • The Riddle – riddle.link
    The Riddle is a critical security vulnerability found in Oracle’s MySQL 5.5 and 5.6 client database libraries. The vulnerability allows an attacker to use a man-in-the-middle (“riddle in the middle”) attack to break an SSL-configured connection between a MySQL client and server.
  • A Remote Attack on the Bosch Drivelog Connector Dongle – argus-sec.com
    In this blog post, I discuss the vulnerabilities of the Bosch Drivelog Connector OBD-II dongle found by the Argus Research Team. The vulnerabilities allowed us to stop the engine of a moving vehicle using the Drivelog platform.
  • Phishing with Unicode Domains – www.xudongz.com
    From a security perspective, Unicode domains can be problematic because many Unicode characters are difficult to distinguish from common ASCII characters. It is possible to register domains such as “xn--pple-43d.com”, which is equivalent to “аpple.com”.
  • ‘High Risk’ Zero Day Leaves 200,000 Magento Merchants Vulnerable – threatpost.com
    A popular version of the open source Magento ecommerce platform is vulnerable to a zero-day remote code execution vulnerability, putting as many as 200,000 online retailers at risk. The warning comes from security firm DefenseCode, which found and originally reported the vulnerability to Magento in November.

Other News

  • NIST Cybersecurity Framework 1.1 – www.tenable.com
    Measuring and demonstrating cybersecurity to business leaders and partners is simultaneously very important and very challenging. Various sources, including the EisnerAmper accounting firm and the National Association of Corporate Directors, have reported that only about 20% of boards have confidence in the state of their organization’s cybersecurity.
  • Inside the Tech Support Scam Ecosystem – www.onthewire.io
    A pair of doctoral students and their advisor, looking for insights into the inner workings of tech support scams, spent eight months collecting data on and studying the tactics and infrastructure of the scammers, using a purpose-built tool. What they uncovered is a complex, technically sophisticated ecosystem supported by malvertising and victimizing people around the world.
