Items tagged with exploit

After mainboard vendors began adopting EFI en masse in recent years, security researchers all over have dissected the many different implementations out there to find that elusive crippling bug. Sometimes, though, such bugs are not actually elusive at all, like one just discovered by reverse engineering enthusiast fG. fG starts off his report by pointing out two excellent presentations revolving around EFI exploitation, and how this new one relates to one of those. At any point while using your PC, your EFI should never become exposed to write commands, but fG notes that this isn't the case on... Read more...
It's always fun to see which security flaws get exploited at Pwn2Own, and this year's event has proven to be no exception. In fact, it could be considered to be one of the most exciting events to date, with JungHoon Lee exploiting three major browsers, and securing a record $110,000 payout for one of the flaws. Starting the day off, JungHoon (aka: lokihardt) breached a time-of-check to time-of-use vulnerability in the 64-bit version of Internet Explorer, breaking out of the sandbox via a privileged JavaScript injection, allowing him to execute medium-integrity code. This flaw netted JungHoon $65,000.... Read more...
IBM's X-Force Application Security Research Team has discovered a severe bug that plagues the Dropbox SDK on Android, which apps can use to interact with the cloud storage service. Dubbed 'DroppedIn', unauthorized apps have been able to access a rogue Dropbox account, potentially allowing an attacker to grab data off of your device for their later perusal. The bug affects SDK version 1.5.4 through 1.6.1, and has been fixed as of 1.6.2. As serious as this bug is, it's nice to know that Dropbox wasted no time in fixing it. Security Intelligence notes that Dropbox responded to IBM's email about the... Read more...
A weakness has been identified that could exist in Android, Windows, and iOS devices that can be used to obtain personal information. Discovered by a team of researchers, the vulnerability revolves around multiple applications running on a shared infrastructure that can be exploited. According to their research, they were able to test a method, on an Android phone, that was successful between 82 percent and 92 percent of the time for six of the seven apps that were tested. The apps with such high percentages were Gmail (92 percent), H&R Block (92 percent), Newegg (86 percent), WebMD (85 percent),... Read more...
In a Microsoft post announcing a mostly uninteresting list of products and their respective dates for when Microsoft will terminate support for them is a notable standout: Windows 7. Within the next six months, all versions of Windows 7 will enter the Extended Support phase, which lasts for 5 years and includes free security updates and paid hotfix support, but Mainstream Support for the popular OS will cease as of January 13, 2015. What that means in practice is that although you can rest easy knowing that Windows 7 will remain secure until 2020, it won’t be getting any new features. This... Read more...
While perhaps a bit unnerving, let's not act like this hasn't happened before. While Apple's engineering team is no doubt massive, there's only so much a fixed group can find. We're talking about bugs in particular; while iOS 7's final build squashed a ton of quirks, a couple of security issues have presented themselves now that the operating system has been unleashed to the masses. In fact, most major companies find themselves in similar spots shortly after a major OS release: users discover exploits, and then, the firm has to work overtime in order to issue a patch (or two) to ensure it doesn't... Read more...
Less than a week ago, we posted about a newfound Android vulnerability that's not only a bit worrying, but affects potentially 900 million devices - dating all the way back to Android 1.6. The discovery and minor reveal was made by Bluebox, an up-and-comer security firm that had plans to expose all at an upcoming security conference. It appears, however, that one github user had no plans to wait around for that. Either user "Poliva" knew about the exploit already, or could figure it out based on what Bluebox had revealed up to this point, but he's released some proof-of-concept code - and it's... Read more...
Oh Facebook - couldn't this have come at a better time? Mere weeks after news of NSA's PRISM project being leaked, which is said to involve tight integration with the likes of Facebook and other popular Web entities, we learn of a bug that caused six million users' worth of phone numbers and email addresses to be exposed over the past year. The New York Times reports that the cause was a "technical bug", and so far, Facebook has seen no evidence that it was exploited or used maliciously. What it does mean, however, is that if anyone synced their Facebook account to their phone or any other device,... Read more...
We talked earlier this week about all of the software that lost their battles against the hackers at the Pwn2Own competition in Vancouver, Canada, but lest we forget about the sister competition, Pwnium 3. This particular competition was heavily sponsored by Google, with the company paying well more than $100,000 per exploit discovered against its Chrome browser. Examples would be a system compromise delivered via a webpage while in guest mode or even better - an exploit that results in device persistence (lasting through the reboots). Well, while Chrome fell at Pwn2Own - despite Google patching... Read more...
Is there a world record for number of software vulnerabilities exposed within the span of a single month? If so, I'm willing to bet that Oracle's Java is the clear winner. We've reported on many Java happenings over the past couple of months, and it doesn't look like the fun is going to end anytime soon. Security firm FireEye is responsible for the latest finding, noting that this zero-day exploit has been successfully executed using Java 1.6 update 41 and the most recent 1.7 update 15. It takes advantage of a vulnerability that might allow someone to overwrite bits of data Java has stored in the... Read more...
Still clinging to Internet Explorer? If so, be aware of a recently posted security advisory (2757760) alerting IE users of a vulnerability that could allow attackers to execute malicious code from a remote location. According to Microsoft, the vulnerability affects IE6, IE7, IE8, and IE9 (IE10 is excluded). "A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted or has not been properly allocated," Microsoft explains. "The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code... Read more...
Well here's a bit of a bummer going into the weekend. Apparently the developer responsible for the popular Black Hole exploit kit -- the one that lazy hackers and inexperienced script kiddies are particularly drawn towards -- has released a new version of his nefarious software, with new and improved features designed to evade antivirus scanners. Oh joy. Black Hole is popular because it's relatively easy to use no matter what the attacker's skill level, and because it's capable of exploiting a number of vulnerabilities. According to security firm Kaspersky, pretty much any backwoods hackabilly... Read more...
Whether true or not, Apple’s Mac OSX is typically perceived as being more secure than Windows. But according to Passware, Inc., a leading maker of password recovery and e-Discovery software for Federal and State agencies, law enforcement, and military organizations, among many other corporate clients, OSX has its fair share of vulnerabilities too. In fact, according to Passware, a recent vulnerability found in OSX—including the latest “Lion” release—allows the company’s Passware Kit to ascertain even complex passwords in a matter of minutes. The tool exploits... Read more...
Today, Microsoft released its detailed security report covering the latter half of 2010. Industry trends in general are positive—vulnerability disclosures in 2010 fell 16.5 percent from their 2009 levels and approximately 35 percent from 2006. Microsoft's own share of the vulnerability pie rose from 4.5 percent in 2009 to 7.2 percent in 2010; the company claims this is largely because industry disclosures fell so sharply in just one year. The general decline in disclosures hides sharp changes in the nature of the exploits roaming the Internet. From the report: Malware written in Java has existed... Read more...