Google releases details, PoC exploit code for IE, Edge flaw

As we’re impatiently waiting for Microsoft to patch vulnerabilities that were scheduled to be fixed in February, Google has released details about a serious vulnerability in the Internet Explorer and Edge browsers. What’s more, the report also contains PoC code that, if embedded in web pages, should crash vulnerable browsers. Savvy attackers could perhaps use it as a first step of an attack that could ultimately result in remote code execution. But Google Project Zero …

New attack sounds death knell for widely used SHA-1 crypto hash function

SHA-1 is definitely, provenly dead, as a group of researchers from CWI Institute in Amsterdam and Google have demonstrated the first practical technique for generating a collision. What is SHA-1? SHA-1 is a cryptographic hash function that has been used for years now to assure data integrity. It has been used in distributed software revision control systems (to identify revisions and to detect data corruption or tampering), to sign security certificates, and for many other …

Detecting PLC malware in industrial control systems

How can attackers load programmable logic controllers (PLC) with destructive malware, and how can the operators of industrial control systems (ICS) detect it? According to a group of researchers from the International Institute of Information Technology, Hyderabad, and Singapore University of Technology and Design, the trick is not to attempt to change the PLC’s firmware, but to deploy ladder logic bombs (i.e. malware written in ladder logic). The PLC malware: “ICS and Supervisory Control and …

Exploit for Windows DoS zero-day published, patch out on Tuesday?

A zero-day bug affecting Windows 10, 8.1, Windows Server 2012 and 2016 can be exploited to crash a vulnerable system and possibly even to compromise it. The bug: it is a memory corruption bug in the handling of SMB traffic that could be easily exploited by forcing a Windows system to connect to a malicious SMB share. Tricking a user into connecting to such a server should be an easy feat if clever social engineering …

Nagios 4.2.4 closes serious root privilege escalation bug

If you’re using Nagios to monitor your systems, networks and infrastructure, and you have not updated to version 4.2.4, you had better hop to it. This latest release fixes a high severity root privilege escalation vulnerability (CVE-2016-9566) discovered by researcher Dawid Golunski, who published a proof-of-concept exploit for it on Thursday. “Nagios Core daemon in versions below 4.2.4 was found to perform unsafe operations when handling the log file. This could be exploited by malicious local …

Samsung Knox flaws open unpatched devices to compromise

Researchers from Viral Security Group have discovered three vulnerabilities in Samsung Knox, a security platform that allows users to maintain separate identities for work and personal use, and is built into some of the company’s Android smartphones and tablets. Knox is meant to protect the integrity of the entire device – both hardware and software – but apparently there are ways to bypass some of those protections, specifically those offered by the Real-time Kernel Protection …

MySQL 0-day could lead to total system compromise

Researcher Dawid Golunski has discovered multiple severe vulnerabilities affecting the popular open source database MySQL and its forks (e.g. MariaDB, Percona). One of these – CVE-2016-6662 – can be exploited by attackers to inject malicious settings into MySQL configuration files or create new ones, allowing them to execute arbitrary code with root privileges when the MySQL service is restarted. This could lead to total compromise of the server running the vulnerable MySQL version. “The vulnerability …

QRLJacking: A new attack vector for hijacking online accounts

We all know that scanning random QR codes is a risky proposition, but a newly detailed social engineering attack vector dubbed QRLJacking adds another risk layer to their use. Many web apps and services offer the option of using QR codes for logging into the service: chat apps like WhatsApp and Weibo, email service QQ Mail, e-commerce services like Alibaba and Aliexpress, and others. As detailed by Seekurity Labs researcher Mohamed Abdelbasset Elnouby, QRLJacking (i.e. …

UAC bypass attack on Windows 10 allows malicious DLL loading

Security researchers Matt Graeber and Matt Nelson have discovered a way to run a malicious DLL on Windows 10 without the User Account Control (UAC) springing into action and alerting users of the potential danger. What is User Account Control (UAC)? UAC is a technology that’s meant to improve the security of the OS by preventing software – or, more importantly, malware – from running with administrative privileges unless explicitly authorized to do so by …

BMW ConnectedDrive flaws could be misused to tamper with car settings

Security researcher Benjamin Kunz Mejri has found two vulnerabilities in the BMW ConnectedDrive web portal/web application. About the vulnerabilities in BMW ConnectedDrive: the first one is a client-side cross-site scripting web vulnerability that could be exploited by a remote attacker without a privileged account to inject malicious script code into the client side of the affected module context. Minimal user interaction is needed for this attack to work. “Successful exploitation of the vulnerability …