A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a weakness handling of LNK files in Windows, through which one may force the OS to download an arbitrary file from a remote server any time the shortcut file is displayed.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles self-referential links, which makes it possible to use specially crafted URL and LNK files to crash Explorer.
Videos of all presentations from last weeks CrisisCon are now accessible on Youtube. Among them is my own talk on known unpatched vulnerabilities and weaknesses in Windows. If you couldn’t make it to the online conference, I recommend you at least go through some of the recordings as couple of the talks were quite interesting.
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles desktop.ini files, which makes it possible to use them as an interesting post-exploitation tool.
A Diary of mine was published today on the SANS Internet Storm Center. This one deals with a strange side effect of the way in which Windows deals with file permissions, which enables any user, regardless of permissions, to brute-force contents of any local folder.
Information concerning number of devices vulnerable to Heartbleed vulnerability has appeared in the news during September. Given that the existence of Heartbleed was made public almost a year and a half ago it may be surprising that the number of vulnerable devices exceeds 200.000. Affair concerning the Stagefright vulnerability (which was mentioned in the last Looking back) continued in September when Zimperium – the company which discovered Stagefright – released a proof-of-concept code which exploits the vulnerability.
During April, we have witnessed - among others - a discovery of an 18 years old “Redirect to SMB” vulnerability which can be used to attack all versions of Windows released since then. The vulnerability can be exploited in cases when attacker has some control over the network, enabling him to gain user login information by redirecting of network traffic to a malicious SMB (server message block) server. The server forces the target to automatic authorization process during which the target sends users login, domain and hashed password.
Looking back at March, probably the most important information security news has been discovery of a significant vulnerability (which could be exploited using a FREAK attack) in some TLS/SSL implementations, including the ones used by Windows operating systems. Another worth while news has been a discovery of a new campaign aimed at energy sector companies in the Middle East. Trojan Laizok - a reconnaissance malware for gathering information about infected systems - has been used in the campaign, along with other malicious programs which have been modified for specific systems based on the information gathered by Laizok.
Dramatic information security incidents and news were unfortunately fairly common in February – we will shortly remember three of the most interesting ones. Most attention was probably gained by a story about an alleged theft of massive amount of encryption keys used in mobile communication from the network of Dutch company Gemalto (a major SIM card supplier) by NSA and GCHQ. The keys could be used to decrypt live communication and also, for example, remotely inject malicious code into end devices.