Items tagged with exploit

We reported earlier this week that a Jeep Cherokee could be remotely accessed and controlled, and I wouldn't blame anyone for being a skeptic. After all, what are the chances of someone remote being able to disable the transmission? Well, with Fiat Chrysler's response, I think that question has been answered. In a press statement issued today, the company has announced that it's recalling 1.4 million cars that are equipped with certain UConnect radios. Dodges, Jeeps, Rams, and Chrysler's are affected. Ultimately, it seems like this recall isn't going to be that painful for owners of the affected vehicles, as FCA US said a software update would be made available via a USB drive that plugs... Read more...
One of the biggest concerns revolving around ever-improving vehicle technologies is the risk of their security being breached and an exploiter causing something bad to happen. After all, our vehicles are now kitted out with computers - they are computers - and whether we're talking about the desktop, mobile, or enterprise, we see computers get breached a lot. Well, if you've tried to convince yourself that the computers in our vehicles are more bulletproof than those used elsewhere, you're about to have a rude awakening. Tapping into and controlling the remote vehicle Over at Wired, a proof-of-concept has been exhibited using a Jeep Cherokee. The writer, driving some 70 MPH in downtown St.... Read more...
We reported last week on a new zero-day vulnerability in Adobe Flash that was revealed following the leak of data from the Italian hacking group "Hacking Team". It's hardly a surprise when such a vulnerability is found in either Flash or Java, and as sad as it is, it's not even surprising to learn that two more have been found. Oy! The latest vulnerabilities, named CVE-2015-5122 and CVE-2015-5123, are considered critical, and affect the Flash player on Windows, OS X, and Linux. A verbatim threat to last week's vulnerability, "successful exploitation could cause a crash and potentially allow an attacker to take control of the affected... Read more...
After mainboard vendors began adopting EFI en masse in recent years, security researchers all over have dissected the many different implementations out there to find that elusive crippling bug. Sometimes, though, such bugs are not actually elusive at all, like one just discovered by reverse engineering enthusiast fG. fG starts off his report by pointing out two excellent presentations revolving around EFI exploitation, and how this new one relates to one of those. At any point while using your PC, your EFI should never become exposed to write commands, but fG notes that this isn't the case on Macs older than mid-2014. In fact, the bug can be exploited from the desktop - all it requires is that... Read more...
It's always fun to see which security flaws get exploited at Pwn2Own, and this year's event has proven to be no exception. In fact, it could be considered to be one of the most exciting events to date, with JungHoon Lee exploiting three major browsers, and securing a record $110,000 payout for one of the flaws. Starting the day off, JungHoon (aka: lokihardt) breached a time-of-check to time-of-use vulnerability in the 64-bit version of Internet Explorer, breaking out of the sandbox via a privileged JavaScript injection, allowing him to execute medium-integrity code. This flaw netted JungHoon $65,000. His second proof-of-concept was the big one, worth $110,000. It affects both the stable and beta... Read more...
IBM's X-Force Application Security Research Team has discovered a severe bug that plagues the Dropbox SDK on Android, which apps can use to interact with the cloud storage service. Dubbed 'DroppedIn', unauthorized apps have been able to access a rogue Dropbox account, potentially allowing an attacker to grab data off of your device for their later perusal. The bug affects SDK version 1.5.4 through 1.6.1, and has been fixed as of 1.6.2. As serious as this bug is, it's nice to know that Dropbox wasted no time in fixing it. Security Intelligence notes that Dropbox responded to IBM's email about the bug within six minutes, and it confirmed the vulnerability within 24 hours. Finally, it patched the... Read more...
A weakness has been identified that could exist in Android, Windows, and iOS devices that can be used to obtain personal information. Discovered by a team of researchers, the vulnerability revolves around multiple applications running on a shared infrastructure that can be exploited. According to their research, they were able to test a method, on an Android phone, that was successful between 82 percent and 92 percent of the time for six of the seven apps that were tested. The apps with such high percentages were Gmail (92 percent), H&R Block (92 percent), Newegg (86 percent), WebMD (85 percent), CHASE Bank (83 percent), and Hotels.com (83 percent). The final app tested belonged to Amazon,... Read more...
In a Microsoft post announcing a mostly uninteresting list of products and their respective dates for when Microsoft will terminate support for them is a notable standout: Windows 7. Within the next six months, all versions of Windows 7 will enter the Extended Support phase, which lasts for 5 years and includes free security updates and paid hotfix support, but Mainstream Support for the popular OS will cease as of January 13, 2015. What that means in practice is that although you can rest easy knowing that Windows 7 will remain secure until 2020, it won’t be getting any new features. This is standard procedure for Microsoft, and indeed the company spells out these policies fairly clearly... Read more...
While perhaps a bit unnerving, let's not act like this hasn't happened before. While Apple's engineering team is no doubt massive, there's only so much a fixed group can find. We're talking about bugs in particular; while iOS 7's final build squashed a ton of quirks, a couple of security issues have presented themselves now that the operating system has been unleashed to the masses. In fact, most major companies find themselves in similar spots shortly after a major OS release: users discover exploits, and then, the firm has to work overtime in order to issue a patch (or two) to ensure it doesn't impact the userbase. The latest iOS 7 bug is one that (in theory) allows anyone to make calls from... Read more...
Less than a week ago, we posted about a newfound Android vulnerability that's not only a bit worrying, but affects potentially 900 million devices - dating all the way back to Android 1.6. The discovery and minor reveal was made by Bluebox, an up-and-comer security firm that had plans to expose all at an upcoming security conference. It appears, however, that one github user had no plans to wait around for that. Either user "Poliva" knew about the exploit already, or could figure it out based on what Bluebox had revealed up to this point, but he's released some proof-of-concept code - and it's only a mere 32 lines deep: Not only is this entire blurb small, the number of lines could have been... Read more...
Oh Facebook - couldn't this have come at a better time? Mere weeks after news of NSA's PRISM project being leaked, which is said to involve tight integration with the likes of Facebook and other popular Web entities, we learn of a bug that caused six million user's worth of phone numbers and email addresses being exposed over the past year. The New York Times reports that the cause was a "technical bug", and so far, Facebook has seen no evidence that it was exploited or used maliciously. What it does mean, however, is that if anyone synced their Facebook account to their phone or any other device, they would have obtained additional information that they shouldn't have. With this wording, it... Read more...
We talked earlier this week about all of the software that lost their battles against the hackers at the Pwn2Own competition in Vancouver, Canada, but lest we forget about the sister competition, Pwnium 3. This particular competition was heavily sponsored by Google, with the company paying well more than $100,000 per exploit discovered against its Chrome browser. Examples would be a system compromise delivered via a webpage while in guest mode or even better - an exploit that results in device persistence (lasting through the reboots). Well, while Chrome fell at Pwn2Own - despite Google patching 6 severe bugs prior to the event - it remained strong at Pwnium 3. Equipped with Samsung Series 5... Read more...
Is there a world record for number of software vulnerabilities exposed within the span of a single month? If so, I'm willing to bet that Oracle's Java is the clear winner. We've reported on many Java happenings over the past couple of months, and it doesn't look like the fun is going to end anytime soon. Security firm FireEye is responsible for the latest finding, noting that this zero-day exploit has been successfully executed using Java 1.6 update 41 and the most recent 1.7 update 15. It takes advantage of a vulnerability that might allow someone to overwrite bits of data Java has stored in the RAM - such as the area that tells it whether or not the security manager is enabled. While success... Read more...
Still clinging to Internet Explorer? If so, be aware of a recently posted security advisory (2757760) alerting IE users of a vulnerability that could allow attackers to execute malicious code from a remote location. According to Microsoft, the the vulnerability affects affects IE6, IE7, IE8, and IE9 (IE10 is excluded). "A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted or has not been properly allocated," Microsoft explains. "The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted... Read more...
Well here's a bit of a bummer going into the weekend. Apparently the developer responsible for the popular Black Hole exploit kit -- the one that lazy hackers and inexperienced script kiddies are particularly drawn towards -- has released a new version of his nefarious software, with new and improved features designed to evade antivirus scanners. Oh joy. Black Hole is popular because it's relatively easy to use no matter what the attacker's skill level, and because it's capable of exploiting a number of vulnerabilities. According to security firm Kaspersky, pretty much any backwoods hackabilly can wield Black Hole like a pro and wreak havoc with just a few mouse clicks. Now is a good time to... Read more...
Whether true or not, Apple’s Mac OSX is typically perceived as being more secure than Windows. But according to Passware, Inc., a leading maker of password recovery and e-Discovery software for Federal and State agencies, law enforcement, and military organizations, among many other corporate clients, OSX has its fair share of vulnerabilities too. In fact, according to Passware, a recent vulnerability found in OSX—including the latest “Lion” release—allows the company’s Passware Kit to ascertain even complex passwords in a matter of minutes. The tool exploits a vulnerability in the OS when a system with Automatic Login enabled is put into sleep mode. Although... Read more...
Today, Microsoft released its detailed security report covering the latter half of 2010. Industry tends in general are positive—vulnerability disclosures in 2010 fell 16.5 percent from their 2009 levels and approximately 35 percent from 2006. Microsoft's own share of the vulnerability pie rose from 4.5 percent in 2009 to 7.2 percent in 2010; the company claims this is largely because industry disclosures fell so sharply in just one year. The general decline in disclosures hides sharp changes in the nature of the exploits roaming the Internet. From the report: Malware written in Java has existed for many years, but attackers had not focused significant attention on Java vulnerabilities until... Read more...
2010 has not been kind to Microsoft's security team. In under a month's time, we've seen Microsoft address a bug that was supposed to fix an ancient exploit but instead caused more headaches, all while having to encourage consumers not to be duped by a fake security site parading around as something useful. As if those software savvy folks up in Washington didn't have enough on their plates, the company has today issued yet another startling advisory, and this is easily one of the more bizarre ones that we've seen. Microsoft has gone public with an investigation into a "a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server... Read more...
Microsoft seems to have quite the issue on their hands. Just a few days after the company began to receive complaints that a company-issued patch was causing seemingly random freezes and reboots on select Windows XP systems, there has been yet another update from the company to inform us all that malware may be to blame. Or maybe not. But it's still investigating.It's kind of unsettling, particularly for those poor Windows XP netbook users who rely heavily on that as their main machine while on the road. As of now, the patch that started this whole mess has been removed while the company investigates further, and a quote from them notes that they "are not yet ruling out other potential causes... Read more...
Traditional antivirus (AV) testing, such as that done by organizations such as AV-test.org and AV-comparatives.org, uses collections of malware to demonstrate the capabilities of security products. Secunia, on the other hand, focuses on exploits. For example, it has a scanner at its site that will search your system for unpatched vulnerabilities in products such as Microsoft Windows, Internet Explorer, or Firefox. As Secunia's focus is on exploits, you might expect them to try to put AV solutjions to the test with exploits, rather than just already published malware, and that's what they did. They did a study (.PDF) by taking the following security suites: McAfee Internet Security Suite 2009Norton... Read more...
How many times have you forgotten to lock your car, or a door? While that's bad enough, what about essentially leaving a back door open for hackers, by "forgetting" about an old administrative system?A hacker infiltrated an eBay server and disabled accounts of several members on Friday. Representatives of eBay say that the hacker used vestigial components of an old eBay administrative system that has long been unused. The code exploited by the hacker has since been taken down, and eBay claims that no financial information was exposed. An individual who identifies himself as Vladuz has taken responsibility for the hack. Many believe that Vladuz was behind a massive disclosure of user information... Read more...
The shooting at Virginia Tech is big news, and it's certainly bad enough without the pond scum of the net impersonating charities and swindling you out of your hard earned cash. Information week is running a story that warns users to steer clear of any such emails or other online solicitations: "Security researchers are warning people to be watchful for phishing scams and malware attacks that take advantage of this week's tragedy at Virginia Tech.   U.S.-CERT issued a warning that users and IT managers should be aware that new phishing campaigns generally are launched in the wake of tragedies and natural disasters. Researchers at the government's Computer Emergency Readiness Team advised... Read more...
Prev 1 2 3 4 Next