This Week in Security: In the Wild, Through Your NAT, and Brave

Most of the stories from this week are vulnerabilities dropped before fixes are available, many of them actively being exploited. Strap yourselves in!

Windows Kernel Crypto

The first is CVE-2020-17087, an issue in the Windows Kernel Cryptography Driver. The vulnerable system calls are accessible from unprivileged user-space, and potentially even …read more

This Week in Security: Discord, Chromium, and WordPress Forced Updates

[Masato Kinugawa] found a series of bugs that, when strung together, allowed remote code execution in the Discord desktop app. Discord’s desktop application is an Electron powered app, meaning it’s a web page rendered on a bundled light-weight browser. Building your desktop apps on JavaScript certainly makes life easier for …read more

This Week in Security: Too Little Too Late, and Other Stories

Microsoft has just announced a way to disable JScript in Internet Explorer. This would have been very useful a few years ago, to proactively prevent problems found in the now-ancient JScript engine, which ran their own slightly different version of standard JavaScript. Even though IE is no longer under active …read more

This Week in Security: BleedingTooth, Bad Neighbors, and Unpickable Locks

This week, the first details of BleedingTooth leaked onto Twitter, setting off a bit of a frenzy. The full details have yet to be released, but what we know is concerning enough. First off, BleedingTooth isn’t a single vulnerability, but is a set of at least 3 different CVEs (Shouldn’t …read more

This Week in Security: Code Scanning, Information Gathering, and Seams in the Cloud

GitHub has enabled free code analysis on public repositories. This is the fruit of the purchase of Semmle, almost exactly one year ago. Anyone with write permissions to a repository can go into the settings, and enable scanning. Beyond the obvious use case of finding vulnerabilities, an exciting option is …read more

This Week in Security: PunkBuster, NAT, NAS and MP3s

Ah, the ever-present PDF, and our love-hate relationship with the format. We’ve lost count of how many vulnerabilities have been fixed in PDF software, but it’s been a bunch over the years. This week, we’re reminded that Adobe isn’t the only player in PDF-land, as Foxit released a round of …read more

This Week in Security: uTorrent Vulnerable, Crowd-Sourcing Your Fail2Ban, and Cryptographers at Casinos

The uTorrent client was recently updated to fix a null pointer dereference (CVE-2020-8437), discovered by [whtaguy]. Triggering the dereference simply crashes the client — so far an actual RCE hasn’t been found. Given the nature of the null pointer dereference, it’s possible this bug is limited to denial of service. …read more

This Week in Security: AD has Fallen, Two Factor Flaws, And Hacking Politicians

The big news this week is the huge flaw in Microsoft’s Active Directory, CVE-2020-1472 (whitepaper). Netlogon is a part of the Windows domain scheme, and is used to authenticate users without actually sending passwords over the network. Modern versions of Windows use AES-CFB8 as the cryptographic engine that powers Netlogon …read more

Security this Week: Racoons in My TLS, Bypassing Frontends, and Obscurity

Raccoon is the next flashy security flaw with a name, cute logo, and a website (and a PDF). Raccoon is a flaw in TLS versions prior to 1.3, and seems to be a clever bit of work, albeit one with limited real-world application. The central problem is that these older …read more

This Week in Security: Zero Days, Notarized Malware, Jedi Mind Tricks, and more

Honeypots are an entertaining way to learn about new attacks. A simulated vulnerable system is exposed to the internet, inviting anyone to try to break into it. Rather than actually compromising a deployed device, an attacker just gives away information about how they would attack the real thing. A honeypot …read more
