Security-Portal.cz is a web portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs a number of interesting services and supports its community in interesting projects.

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

The Hacker News - 14 November 2018 - 10:55
It's Patch Tuesday once again: time for another round of security updates for the Windows operating system and other Microsoft products. This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49 important, one moderate and one low in severity. Two of the vulnerabilities
Category: Hacking & Security

A new exploit for zero-day vulnerability CVE-2018-8589

Kaspersky Securelist - 14 November 2018 - 08:00

Yesterday, Microsoft published its security bulletin, which patches a vulnerability discovered by our technologies. We reported it to Microsoft on October 17, 2018. The company confirmed the vulnerability and assigned it CVE-2018-8589.

In October 2018, our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in Microsoft’s Windows operating system. Further analysis revealed a zero-day vulnerability in win32k.sys. The exploit was executed by the first stage of a malware installer in order to gain the necessary privileges for persistence on the victim’s system. So far, we have detected a very limited number of attacks using this vulnerability. The victims are located in the Middle East.

Kaspersky Lab products detected this exploit proactively using the following technologies:

  • Behavioral Detection Engine and Automatic Exploit Prevention for endpoints
  • Advanced Sandboxing and Anti-Malware Engine for Kaspersky Anti Targeted Attack Platform (KATA)

Kaspersky Lab verdicts for the artifacts in this campaign are:

  • HEUR:Exploit.Win32.Generic
  • HEUR:Trojan.Win32.Generic
  • PDM:Exploit.Win32.Generic

More information about the attack is available to customers of Kaspersky Intelligence Reports. Contact: intelreports@kaspersky.com

Technical details

CVE-2018-8589 is a race condition in win32k!xxxMoveWindow caused by improper locking of messages sent synchronously between threads.

The exploit triggers the vulnerability by creating two threads, each with a window class and an associated window, and moving the other thread's window from inside the WM_NCCALCSIZE callback of a window procedure shared by both threads.

WM_NCCALCSIZE message in win32k!xxxCalcValidRects

Terminating the other thread at the maximum recursion depth inside the WM_NCCALCSIZE callback causes an asynchronous copy-in of the attacker-controlled lParam structure.

Lack of proper message locking between win32k!xxxCalcValidRects and win32k!SfnINOUTNCCALCSIZE

The exploit populates lParam with pointers to the shellcode and, once the structure has been copied into the kernel inside win32k!SfnINOUTNCCALCSIZE, the kernel jumps to user-mode code. The exploit found in the wild only targeted 32-bit versions of Windows 7; note that Windows 7 does not use SMEP, so a kernel-mode jump into user pages is not blocked by the CPU there, whereas Windows 8 and later enable SMEP on supporting hardware.

BSOD on an up-to-date version of Windows 7 with our proof of concept

As always, we provided Microsoft with a proof of concept for this vulnerability along with well-written source code.
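A host-side exposure check for the write-up above, added here as an example and not taken from the Securelist article or from Kaspersky's tooling. It reports whether a machine falls into the population the in-the-wild exploit targeted (32-bit Windows 7), whether it is in the broader family Microsoft patched (Windows 7, Server 2008, Server 2008 R2), and whether any of a supplied list of update KB numbers is installed. The KB numbers in the default list are my assumption of the November 2018 Windows 7 / Server 2008 R2 monthly rollup and security-only packages and must be checked against the Microsoft Update Catalog before use; the function and parameter names are mine.

```powershell
# Added example (not from the Securelist article). Checks whether this host is in the
# population affected by CVE-2018-8589 and whether one of the supplied fixes is present.
# The default KB numbers are an assumption: verify them in the Microsoft Update Catalog.
function Get-Cve20188589Exposure {
    [CmdletBinding()]
    param(
        # Update packages that carry the win32k.sys fix. Any one of them installed = patched.
        [string[]]$FixKBs = @('KB4467107', 'KB4467106'),
        [string]$ComputerName = $env:COMPUTERNAME
    )

    $os = Get-CimInstance -ClassName Win32_OperatingSystem -ComputerName $ComputerName
    # Caption looks like "Microsoft Windows 7 Professional"; OSArchitecture is "32-bit" or "64-bit".
    $isWin7    = $os.Caption -match 'Windows 7'
    $isSrv2008 = $os.Caption -match 'Windows Server 2008'   # matches both 2008 and 2008 R2
    $is32bit   = $os.OSArchitecture -like '32*'

    # Get-HotFix can fail on hosts without WMI access; treat that as "unknown", never as "patched".
    try {
        $installed = Get-HotFix -ComputerName $ComputerName -ErrorAction Stop |
                     Select-Object -ExpandProperty HotFixID
    } catch {
        $installed = $null
    }
    $hasFix = ($null -ne $installed) -and
              (@($installed | Where-Object { $FixKBs -contains $_ }).Count -gt 0)

    [pscustomobject]@{
        ComputerName      = $ComputerName
        OS                = $os.Caption
        Architecture      = $os.OSArchitecture
        InPatchedFamily   = ($isWin7 -or $isSrv2008)   # what Microsoft's fix covers
        MatchesItwTarget  = ($isWin7 -and $is32bit)    # what the observed exploit targeted
        FixInstalled      = $hasFix
        HotfixQueryFailed = ($null -eq $installed)
        Exposed           = (($isWin7 -or $isSrv2008) -and -not $hasFix)
    }
}

# Run against the local host, or fan out over a list of machines:
Get-Cve20188589Exposure | Format-List
# 'host1','host2' | ForEach-Object { Get-Cve20188589Exposure -ComputerName $_ } | Format-Table
```

Get-HotFix reads Win32_QuickFixEngineering, which does not list every kind of installed update, so a host reported as Exposed with HotfixQueryFailed set to False still deserves a second look in your patch-management inventory before anyone acts on the result.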

Chamber of Deputies postpones approval of new privacy rules

Novinky.cz - security - 14 November 2018 - 07:42
The Chamber of Deputies did not finish approving the new privacy-protection rules that implement the EU GDPR regulation this week. The leadership of the lower house agreed on the postponement, its chairman Radek Vondráček (ANO) announced without giving further details. Members approved it when amending the agenda. They will probably return to the bill only at the beginning of December.
Category: Hacking & Security

How to secure cyberspace? Macron's accord lacks the support of the major powers

Novinky.cz - security - 14 November 2018 - 06:32
On Monday, at the UNESCO Internet Governance Forum, French President Emmanuel Macron presented a French government initiative to agree international norms for securing the global computer network. The "Paris Call for Trust and Security in Cyberspace" sets out several principles aimed, among other things, at preventing foreign interference in elections. So far, however, the most important players, China, Russia and the United States, have not backed it.
Category: Hacking & Security

Spectre, Meltdown researchers unveil 7 more speculative execution attacks

Ars Technica - 14 November 2018 - 02:50

(Image credit: Aurich Lawson / Getty Images)

Back at the start of the year, a set of attacks that leveraged the speculative execution capabilities of modern high-performance processors was revealed. The attacks were named Meltdown and Spectre. Since then, numerous variants of these attacks have been devised. In tandem, a range of mitigation techniques has been created to enable at-risk software, operating systems, and hypervisor platforms to protect against these attacks.

A research team—including many of the original researchers behind Meltdown, Spectre, and the related Foreshadow and BranchScope attacks—has published a new paper disclosing yet more attacks in the Spectre and Meltdown families. The result? Seven new possible attacks. Some are mitigated by known mitigation techniques, but others are not. That means further work is required to safeguard vulnerable systems.

The previous investigations into these attacks have been a little ad hoc in nature: examining particular features of interest to provide, for example, a Spectre attack that can be performed remotely over a network or Meltdown-esque attack to break into SGX enclaves. The new research is more systematic, looking at the underlying mechanisms behind both Meltdown and Spectre and running through all the different ways the speculative execution can be misdirected.

Category: Hacking & Security

Microsoft Patches Zero-Day Bug in Win7, Server 2008 and 2008 R2

Threatpost - 13 November 2018 - 23:10
Microsoft’s November Patch Tuesday fixes include mitigation against a zero-day vulnerability leaving Windows 7, Server 2008 and Server 2008 R2 open to attack.
Category: Hacking & Security

Another Facebook Bug Could Have Exposed Your Private Information

The Hacker News - 13 November 2018 - 19:45
Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world's most popular social network at risk. Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results for
Category: Hacking & Security

Windows 10 October 2018 Update is back, this time without deleting your data

Ars Technica - 13 November 2018 - 19:21

Image caption: This message, shown during Windows upgrades, is going to be salt in the wound.

Just over a month since its initial release, Microsoft is making the Windows 10 October 2018 Update widely available today. The update was withdrawn shortly after its initial release due to the discovery of a bug causing data loss.

New Windows 10 feature updates use a staggered, ramping rollout, and this (re)release is no different. Initially, it'll be offered only to two groups of people: those who manually tell their system to check for updates (and that have no known blocking issues due to, for example, incompatible anti-virus software), and those who use the media-creation tool to download the installer. If all goes well, Microsoft will offer the update to an ever-wider range of Windows 10 users over the coming weeks.

For the sake of support windows, Microsoft is treating last month's release as if it never happened; this release will receive 30 months of support and updates, with the clock starting today. The same is true for related products; Windows Server 2019 and Windows Server, version 1809, are both effectively released today.

Category: Hacking & Security

Google’s G Suite, Search and Analytics Taken Down in Hijacking

Threatpost - 13 November 2018 - 18:44
Google cloud business customers were impacted by a Border Gateway Protocol hijacking.
Category: Hacking & Security

Unpatched Android OS Flaw Allows Adversaries to Track User Location

Threatpost - 13 November 2018 - 18:03
The vulnerability is one of many with the same root cause: cross-process information leakage.
Category: Hacking & Security

Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC

Threatpost - 13 November 2018 - 17:44
Overall, the company released only three patches as part of its regularly scheduled November update.
Category: Hacking & Security

Google and Cloudflare traffic diverted to China… do we need to panic?

Sophos Naked Security - 13 November 2018 - 15:56
A brief outage on Monday diverted traffic to providers such as Google and Cloudflare via China - was it a blunder or a hack?

Podcast: IoT Firms Face a ‘Tidal Wave’ of Lawsuits, Attorney Explains

Threatpost - 13 November 2018 - 15:39
An attorney in the infamous 2015 Jeep hack predicts that more lawsuits related to IoT security are looming in the future.
Category: Hacking & Security

WordPress GDPR compliance plugin hacked

Sophos Naked Security - 13 November 2018 - 13:48
There's no obvious executable payload in the attack but the attackers may be building a collection of websites and biding their time.

Cynet Review: Simplify Security with a True Security Platform

The Hacker News - 13 November 2018 - 13:34
In 1999, Bruce Schneier wrote, "Complexity is the worst enemy of security." That was 19 years ago (!) and since then, cyber security has only become more complex. Today, controls dramatically outnumber the staff available to support them. Bank of America has a $400-million cyber budget to hire security staff and implement a broad array of products. But what if your budget and
Category: Hacking & Security

DEA and ICE hiding cameras in streetlights and traffic barrels

Sophos Naked Security - 13 November 2018 - 13:29
Drug and immigration cops in the US are buying surveillance cameras to hide in streetlights and traffic barrels.

Does wiping your iPhone count as destroying evidence?

Sophos Naked Security - 13 November 2018 - 11:26
Police say it's a felony, but a woman arrested in connection with a drive-by shooting says she doesn't even know how to remotely wipe.

The allegedly fastest DNS server, 1.1.1.1, is now also available on Android and iOS

Zive.cz - security - 13 November 2018 - 10:55
In the spring, Cloudflare launched its own public, encrypted DNS resolver which, like Google, it hosts on the attractive and easy-to-remember IP addresses 1.1.1.1 and 1.0.0.1. As a reminder, Google uses 8.8.8.8 and 8.8.4.4. Now one of the key companies building internet infrastructure ...
Category: Hacking & Security

WordPress GDPR compliance plugin hacked

LinuxSecurity.com - 13 November 2018 - 10:47
LinuxSecurity.com: The EU General Data Protection Regulation (GDPR) is supposed to make companies take extra care with their customers' personal data. That includes gathering explicit consent to use information and keeping it safe from identity thieves.
Category: Hacking & Security

It's Amateur Hour in the World of Spyware and Victims Will Pay the Price

LinuxSecurity.com - 13 November 2018 - 10:40
LinuxSecurity.com: The rise of usable, frictionless encryption has brought us to a point where users can be fairly certain that their Signal or WhatsApp messages are not being collected, subpoenaed, or wiretapped by cops armed with a warrant or message interception technology.
Category: Hacking & Security