Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its followers in interesting projects.

Epic in hot water over Steam-scraping code

Sophos Naked Security - 19 March, 2019 - 12:39
Players noticed that Epic Games was gathering and storing data from Steam accounts without their permission.

MySpace loses 50 million songs in server migration

Sophos Naked Security - 19 March, 2019 - 12:26
Everything uploaded prior to 2015 is gone for good, the cobwebby social network finally admitted.

Child-friendly search engines: How safe is Kiddle?

Sophos Naked Security - 19 March, 2019 - 11:35
Kiddle and Kidrex are meant to deliver age-appropriate search results, filtering out internet nastiness. But how do they really stack up?

Libssh Releases Update to Patch 9 New Security Vulnerabilities

The Hacker News - 19 March, 2019 - 11:27
Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities. The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Red Hat, Debian, and also comes bundled within some distributions and software as a default library
Category: Hacking & Security

Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices

The Hacker News - 19 March, 2019 - 08:55
Security researchers have uncovered a new variant of the infamous Mirai Internet of Things botnet, this time targeting embedded devices intended for use within business environments in an attempt to gain control over larger bandwidth to carry out devastating DDoS attacks. Although the original creators of Mirai botnet have already been arrested and jailed, variants of the infamous IoT malware
Category: Hacking & Security

Open-sourcing Sandboxed API

Google Security Blog - 18 March, 2019 - 20:20
Posted by Christian Blichmann & Robert Swiecki, ISE Sandboxing team

Many software projects process data which is externally generated, and thus potentially untrusted. For example, this could be the conversion of user-provided picture files into different formats, or even executing user-generated software code.
When a software library parsing such data is sufficiently complex, it might fall victim to certain types of security vulnerabilities: memory corruption bugs or certain other types of problems related to the parsing logic (e.g. path traversal issues). Those vulnerabilities can have serious security implications.

In order to mitigate those problems, developers frequently employ software isolation methods, a process commonly referred to as sandboxing. By using sandboxing methods, developers make sure that only resources (files, networking connections and other operating system resources) which are deemed necessary are accessible to the code involved in parsing user-generated content. In the worst-case scenario, when potential attackers gain remote code execution rights within the scope of a software project, a sandboxing technique can contain them, protecting the rest of the software infrastructure.

Sandboxing techniques must be highly resistant to attacks and sufficiently protect the rest of the operating system, yet must be sufficiently easy-to-use for software developers. Many popular software containment tools might not sufficiently isolate the rest of the OS, and those which do, might require time-consuming redefinition of security boundaries for each and every project that should be sandboxed.

Sandbox once, use anywhere

To help with this task, we are open-sourcing our battle-tested project called Sandboxed API. Sandboxed API makes it possible to create security policies for individual software libraries. This concept makes it possible to create reusable and secure implementations of functionality residing within popular software libraries, yet is granular enough to protect the rest of the software infrastructure in use.

As Sandboxed API serves the purpose of accessing individual software functions inside a sandboxed library, we are also making publicly available our core sandboxing project, Sandbox2. This is now part of Sandboxed API and provides the underlying sandboxing primitives. It can also be used standalone to isolate arbitrary Linux processes, but is considered a lower-level API.

Overview

Sandboxed API is currently implemented for software libraries written in the C programming language (or providing C bindings), though we might add support for more programming runtimes in the future.

From a high-level perspective, Sandboxed API separates the library to be sandboxed and its callers into two separate OS processes: the host binary and the sandboxee. Actual library calls are then marshalled by an API object on the host side and sent via interprocess communication to the sandboxee, where an RPC stub unmarshals and forwards calls to the original library.

Both the API object (SAPI object) and the RPC stub are provided by the project, with the former being auto-generated by an interface generator. Users just need to provide a sandbox policy: a set of system calls that the underlying library is allowed to make, as well as the resources it is allowed to access and use. Once ready, a library based on Sandboxed API can easily be reused in other projects.
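
The host/sandboxee split and syscall policy described above, reduced to plain Linux primitives as an added example (not code from Sandboxed API, Sandbox2 or the original post). The names Request, Adler32, ApplyPolicy, Sandboxee and SandboxedAdler32 are hypothetical, and a seccomp-BPF allowlist plus a socketpair stand in for the project's policy and IPC layers.

```c
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

struct Request { uint32_t escape, len; uint8_t data[256]; };  /* marshalled call */
/* Stand-in for the sandboxed library routine: Adler-32, the checksum zlib uses. */
static uint32_t Adler32(const uint8_t *p, uint32_t n) {
  uint32_t a = 1, b = 0;
  for (uint32_t i = 0; i < n; ++i) { a = (a + p[i]) % 65521; b = (b + a) % 65521; }
  return (b << 16) | a;
}
/* Policy: read, write, exit_group; anything else kills the sandboxee (arch check omitted). */
static int ApplyPolicy(void) {
  struct sock_filter f[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_read, 3, 0),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_write, 2, 0),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_exit_group, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
  };
  struct sock_fprog prog = { sizeof(f) / sizeof(f[0]), f };
  return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) || prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}
/* Sandboxee: RPC stub that unmarshals one request and forwards it to the library. */
static void Sandboxee(int fd) {
  struct Request req;
  if (ApplyPolicy() != 0) _exit(1);  /* refuse to run unsandboxed */
  if (read(fd, &req, sizeof(req)) != (ssize_t)sizeof(req) || req.len > sizeof(req.data)) _exit(1);
  if (req.escape) (void)getppid();   /* simulated hijacked library: syscall outside the policy */
  uint32_t res = Adler32(req.data, req.len);
  _exit(write(fd, &res, sizeof(res)) == (ssize_t)sizeof(res) ? 0 : 1);
}
/* Host: marshal the call and send it over IPC; 0 on success, -1 if the sandboxee failed. */
int SandboxedAdler32(const void *data, uint32_t len, int escape, uint32_t *out) {
  struct Request req = { (uint32_t)escape, len, {0} };
  int sv[2];
  if (len > sizeof(req.data) || socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sv) != 0) return -1;
  memcpy(req.data, data, len);
  pid_t pid = fork();
  if (pid <= 0) { close(sv[0]); if (pid == 0) Sandboxee(sv[1]); close(sv[1]); return -1; }
  close(sv[1]);  /* parent keeps only its own end, so a dead sandboxee shows up as EOF */
  int ok = send(sv[0], &req, sizeof(req), MSG_NOSIGNAL) == (ssize_t)sizeof(req) &&
           recv(sv[0], out, sizeof(*out), 0) == (ssize_t)sizeof(*out);
  close(sv[0]); waitpid(pid, NULL, 0);
  return ok ? 0 : -1;
}
```

Calling SandboxedAdler32 with escape set to 1 makes the stub issue getppid(), which the filter does not allow; the kernel kills the sandboxee and the host gets -1 instead of a result.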

The resulting API of the SAPI object is similar to the one of the original library. For example, when using zlib, the popular compression library, a code snippet like this compresses a chunk of data (error handling omitted for brevity):


    #include <cstdint>
    #include <string>
    #include <zlib.h>

    // CHECK is assumed to be a glog/Abseil-style macro that aborts when its condition is false.
    void Compress(const std::string& chunk, std::string* out) {
      z_stream zst{};
      constexpr char kZlibVersion[] = "1.2.11";
      CHECK(deflateInit_(&zst, /*level=*/4, kZlibVersion, sizeof(zst)) == Z_OK);

      zst.avail_in = chunk.size();
      // zlib's next_in is a non-const pointer, so constness has to be cast away explicitly.
      zst.next_in = reinterpret_cast<uint8_t*>(const_cast<char*>(&chunk[0]));
      zst.avail_out = out->size();
      zst.next_out = reinterpret_cast<uint8_t*>(&(*out)[0]);
      CHECK(deflate(&zst, Z_FINISH) != Z_STREAM_ERROR);
      out->resize(zst.total_out);  // bytes written; avail_out is the space left over

      deflateEnd(&zst);
    }

Using Sandboxed API, this becomes:

    void CompressSapi(const std::string& chunk, std::string* out) {
      // Set up the sandbox itself and the API object.
      sapi::Sandbox sandbox(sapi::zlib::zlib_sapi_embed_create());
      CHECK(sandbox.Init().ok());
      sapi::zlib::ZlibApi api(&sandbox);

      sapi::v::Array<uint8_t> s_chunk(&chunk[0], chunk.size());
      sapi::v::Array<uint8_t> s_out(&(*out)[0], out->size());
      CHECK(sandbox.Allocate(&s_chunk).ok() && sandbox.Allocate(&s_out).ok());
      sapi::v::Struct<sapi::zlib::z_stream> s_zst;

      constexpr char kZlibVersion[] = "1.2.11";
      sapi::v::Array<char> s_version(kZlibVersion, ABSL_ARRAYSIZE(kZlibVersion));
      CHECK(api.deflateInit_(s_zst.PtrBoth(), /*level=*/4, s_version.PtrBefore(),
                             sizeof(sapi::zlib::z_stream)).ValueOrDie() == Z_OK);

      // Transfer the input to the sandboxee.
      CHECK(sandbox.TransferToSandboxee(&s_chunk).ok());
      s_zst.mutable_data()->avail_in = chunk.size();
      s_zst.mutable_data()->next_in = reinterpret_cast<uint8_t*>(s_chunk.GetRemote());
      s_zst.mutable_data()->avail_out = out->size();
      s_zst.mutable_data()->next_out = reinterpret_cast<uint8_t*>(s_out.GetRemote());
      CHECK(api.deflate(s_zst.PtrBoth(), Z_FINISH).ValueOrDie() != Z_STREAM_ERROR);
      // Transfer the compressed output back from the sandboxee.
      CHECK(sandbox.TransferFromSandboxee(&s_out).ok());
      out->resize(s_zst.data().total_out);  // bytes written; avail_out is the space left over

      CHECK(api.deflateEnd(s_zst.PtrBoth()).ok());
    }

As you can see, when using Sandboxed API there is extra code for setting up the sandbox itself and for transferring memory to and from the sandboxee, but other than that, the code flow stays the same.

Try for yourself

It only takes a few moments to get up and running with Sandboxed API. If Bazel is installed:

    sudo apt-get install python-typing python-clang-7 libclang-7-dev linux-libc-dev
    git clone https://github.com/google/sandboxed-api && cd sandboxed-api
    bazel test //sandboxed_api/examples/stringop:main_stringop

This will download the necessary dependencies and run the project through its paces. More detailed instructions can be found in our Getting Started guide and be sure to check out the examples for Sandboxed API.

Where do we go from here?

Sandboxed API and Sandbox2 are used by many teams at Google. While the project is mature, we do have plans for the future beyond just maintaining it:

  • Support more operating systems - So far, only Linux is supported. We will look into bringing Sandboxed API to the Unix-like systems like the BSDs (FreeBSD, OpenBSD) and macOS. A Windows port is a bigger undertaking and will require some more groundwork to be done.
  • New sandboxing technologies - With things like hardware-virtualization becoming almost ubiquitous, confining code into VMs for sandboxing opens up new possibilities.
  • Build system - Right now, we are using Bazel to build everything, including dependencies. We acknowledge that this is not how everyone will want to use it, so CMake support is high on our priority list.
  • Spread the word - Use Sandboxed API to secure open source projects. If you want to get involved, this work is also eligible for the Patch Reward Program.

Get involved

We are constantly looking at improving Sandboxed API and Sandbox2 as well as adding more features: supporting more programming runtimes, different operating systems or alternative containment technologies.
Check out the Sandboxed API GitHub repository. We will be happy to consider your contributions and look forward to any suggestions to help improve and extend this code.
Category: Hacking & Security

Google, Microsoft work together for a year to figure out new type of Windows flaw

Ars Technica - 18 March, 2019 - 19:36

One of the more notable features of Google Project Zero's (GPZ) security research has been its 90-day disclosure policy. In general, vendors are given 90 days to address issues found by GPZ, after which the flaws will be publicly disclosed. But sometimes understanding a flaw and developing fixes for it takes longer than 90 days—sometimes, much longer, such as when a new class of vulnerability is found. That's what happened last year with the Spectre and Meltdown processor issues, and it has happened again with a new Windows issue.

Google researcher James Forshaw first grasped that there might be a problem a couple of years ago when he was investigating the exploitability of another Windows issue published three years ago. In so doing, he discovered the complicated way in which Windows performs permissions checks when opening files or other secured objects. A closer look at the involved parts showed that there were all the basic elements to create a significant elevation of privilege attack, enabling any user program to open any file on the system, regardless of whether the user should have permission to do so. The big question was, could these elements be assembled in just the right way to cause a problem, or would good fortune render the issue merely theoretical?

The basic rule is simple enough: when a request to open a file is being made from user mode, the system should check that the user running the application that's trying to open the file has permission to access the file. The system does this by examining the file's access control list (ACL) and comparing it to the user's user ID and group memberships. However, if the request is being made from kernel mode, the permissions checks should be skipped. That's because the kernel in general needs free and unfettered access to every file.

Category: Hacking & Security

Fourth Major Credential Spill in a Month Hits DreamMarket

Threatpost - 18 March, 2019 - 18:29
Gnosticplayers has released about 26 million records from what he said are breaches of six new companies.
Category: Hacking & Security

Mirai Variant Goes After Enterprise Systems

Threatpost - 18 March, 2019 - 17:44
The newest Mirai variant is targeting WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs used by enterprises.
Category: Hacking & Security

Google Gives Users More Choice with Location-Tracking Apps

Threatpost - 18 March, 2019 - 17:41
Developers will have a new option for Android apps to track location only when in use.
Category: Hacking & Security

Home DNA kit company now lets users opt out of FBI data sharing

Sophos Naked Security - 18 March, 2019 - 17:20
FamilyTreeDNA has disclosed that it's opened up DNA profiles to the FBI to help find suspects of violent crime.

Privacy Regulations Needed for Next-Gen Cars

Threatpost - 18 March, 2019 - 16:46
With wide deployment expected in the next decade, the driverless automobile landscape looks fraught – from road safety to data protection.
Category: Hacking & Security

Windows Defender will protect Chrome and Firefox in businesses against fraudulent sites

Zive.cz - security - 18 March, 2019 - 16:30
Microsoft has for some time offered businesses Application Guard, which better protects a computer by isolating individual running applications and pages. With a new extension, the feature also moves to Chrome and Firefox, and if a user opens an untrusted page, it blocks the page, though it will still be possible to ...
Category: Hacking & Security

Hack the Box(HTB) Machines Walkthrough Series — Tenten

InfoSec Institute Resources - 18 March, 2019 - 16:10

Continuing with our series on Hack The Box (HTB) machines, this article contains the walkthrough of an HTB machine named Tenten. HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Individuals have to solve the puzzle (simple enumeration plus pentest) in order to log […]

The post Hack the Box(HTB) Machines Walkthrough Series — Tenten appeared first on Infosec Resources.

Hack the Box(HTB) Machines Walkthrough Series — Tenten was first posted on March 18, 2019 at 10:10 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Category: Hacking & Security

CCNA versus CCNP Difficulty

InfoSec Institute Resources - 18 March, 2019 - 14:02

Introduction For anyone starting a new project, the wise thing to do is to “count the cost.” This also holds true for those just starting out in their Cisco (or networking-related) career. One of the questions people at this phase of their career ask is, “How does the CCNP certification compare to the CCNA certification, […]

The post CCNA versus CCNP Difficulty appeared first on Infosec Resources.

CCNA versus CCNP Difficulty was first posted on March 18, 2019 at 8:02 am.
Category: Hacking & Security

Secure Coding — Top 15 Code Analysis Tools

InfoSec Institute Resources - 18 March, 2019 - 14:00

Keeping code secure is a top objective for any software company. And to ensure secure coding, you need to perform code analysis during the development life cycle. While manual review of code was once the only option, now there are plenty of tools that can take care of this in an automated fashion. This is […]

The post Secure Coding — Top 15 Code Analysis Tools appeared first on Infosec Resources.

Secure Coding — Top 15 Code Analysis Tools was first posted on March 18, 2019 at 8:00 am.
Category: Hacking & Security

Conferences

InfoSec Institute Resources - 18 March, 2019 - 13:59

Here are the following events Infosec will be at this year. NCSA Cybersecure My Business March 25, 2019 | San Jose, CA LendIT FinTech – Booth 1310 April 8-9, 2019 | San Francisco, CA Use code INFOSEC5% for a discount! Data Connectors Chicago  – Exhibit Hall May 9, 2019 | Chicago, IL CIO Visions Summit […]

The post Conferences appeared first on Infosec Resources.

Conferences was first posted on March 18, 2019 at 7:59 am.
Category: Hacking & Security

DARPA is working on an open source, secure e-voting system

Sophos Naked Security - 18 March, 2019 - 13:35
The US Government is working on an electronic voting system that it hopes will prevent people from tinkering with voting machines at the polls.

Intel releases patches for code execution vulnerabilities

Sophos Naked Security - 18 March, 2019 - 13:11
Intel released patches last week, fixing a range of vulnerabilities that could allow attackers to execute code on affected devices.

G Suite admins can now disallow SMS and voice authentication

Sophos Naked Security - 18 March, 2019 - 12:31
Users of G Suite may find that the option to authenticate themselves via SMS or voice call has suddenly disappeared.