Watch out for cyberthreats during the “work from home” boom

Are you getting settled in your new home office? COVID-19 has changed people’s working habits drastically, but hackers are trying to take advantage, so how can organizations be prepared and why do companies need to analyze their network traffic? Due to COVID-19, almost all of the world’s major IT companies have moved most employees to work from home. These include Amazon, Apple, Facebook, Google, Instagram, …

Case study: Searching for a vulnerability pattern in the Linux kernel

This short article describes the investigation of one funny Linux kernel vulnerability and my experience with Semmle QL and Coccinelle, which I used to search for similar bugs. The kernel bug: Several days ago my custom syzkaller instance got an interesting crash. It had a stable reproducer and I started the investigation. Here I will take the opportunity to say that syzkaller is an awesome …

How analyzing one critical DHCP vulnerability in Windows 10 led to discovery of two more

As described in our earlier article about CVE-2019-0726, sometimes a search for details of a known vulnerability leads to the discovery of a new one. Sometimes even more than one. That article touched upon two functions of the library dhcpcore.dll: UpdateDomainSearchOption, mentioned in passing, and DecodeDomainSearchListData, which is called by the first function and was described in more detail. As always happens when …

Advanced attacks on Microsoft Active Directory: detection and mitigation

Attacks on Microsoft Active Directory have been a recurring topic of talks at Black Hat and DEF CON during the last four years. Speakers describe new attack vectors, share their tooling, and give recommendations on detecting and preventing these vectors. I believe that the IT department is capable of creating a secure infrastructure, which can be monitored by the security department. High-quality monitoring, in its …

Positive Technologies researcher finds vulnerability enabling disclosure of Intel ME encryption keys

Intel has issued a patch in response to a serious vulnerability in Intel ME firmware discovered by Positive Technologies expert Dmitry Sklyarov. The vulnerability involved security mechanisms in the MFS file system, which Intel ME uses to store data. By exploiting this flaw, attackers could manipulate the state of MFS and extract important secrets. Intel ME (short for “Management Engine”) stores data …

How to Hack a Turned-off Computer, or Running Unsigned Code in Intel ME

At the recent Black Hat Europe conference, Positive Technologies researchers Mark Ermolov and Maxim Goryachy spoke about a vulnerability in Intel Management Engine 11 that opens up access to most of the data and processes on the computer. Such a level of access also means that an attacker exploiting this vulnerability, having bypassed traditional software-based protection, will be able to conduct attacks even when the computer …

Critical KRACK Flaws in WPA Wi-Fi Security: Here’s How to Protect Yourself

Security researchers from the Belgian university KU Leuven revealed a key reinstallation attack vulnerability in the WPA2 Wi-Fi protocol. Using this flaw, an attacker within range of a person logged onto a wireless network could use key reinstallation attacks to bypass WPA2 network security and read information that should have been securely encrypted. What are the possible consequences of this revelation, and how can end users …

Web application vulnerability report: time to dig into the source code

Introduction: Every year, web applications expand their presence into more and more areas. Almost every business has its own web applications for clients and for internal business processes. However, application functionality is often prioritized at the expense of security, which lowers the security level of the entire business. As a result, web application vulnerabilities provide massive opportunities for malicious actors. By taking advantage of …

SigPloit framework published: telecom vulnerability testing of SS7, GTP, Diameter, and SIP made easy

Code for the open-source SigPloit framework has been published on GitHub by security researcher Loay Abdelrazek. SigPloit is a convenient framework for testing telecommunication protocols for vulnerabilities. We cannot state that this project will have a big effect on the security situation, but it is definitely one of the alarm bells that the telecom industry should take note of. What SigPloit does: As described …

A closer look at the CVE-2017-0263 privilege escalation vulnerability in Windows

May has been a busy month for vulnerabilities in the world’s most popular desktop operating system. Hackers have made headlines with massive infections by WannaCry ransomware, which exploits an SMB security flaw via the ETERNALBLUE tool. Shortly before, on May 9, Microsoft fixed CVE-2017-0263, which had made it possible for attackers to gain maximum system privileges on PCs running Windows 10, Windows 8.1, Windows 7, …