Unpatched flaw opens Ubiquiti Networks devices to compromise

A critical vulnerability in many of Ubiquiti Networks’ networking devices can be exploited by attackers to take over control of the device and, if that device acts as a router or firewall, to take over the whole network. The command injection flaw was found in the “pingtest_action.cgi” script and, according to SEC Consult’s Thomas Weber (the researcher who unearthed it in November 2016), one of the reasons behind the vulnerability is that the …

185,000+ vulnerable Wi-Fi cameras just waiting to be hijacked

A generic wireless camera manufactured by a Chinese company and sold around the world under different names and brands can be easily hijacked and/or roped into a botnet. The flaw that allows this to happen is found in a custom version of GoAhead, a lightweight embedded web server that has been fitted into the devices. This and other vulnerabilities have been found by security researcher Pierre Kim, who tested one of the branded cameras – …

Western Digital My Cloud NAS devices wide open to attackers

Western Digital My Cloud NAS devices have again been found wanting in the security department, as two sets of researchers have revealed a number of serious flaws in the devices’ firmware. WD My Cloud is meant to be a private cloud environment hosted at home or at a small organization’s office, and can be accessed either from a desktop located on the same network or remotely, with a smartphone, from wherever else in the world. …

Google releases details, PoC exploit code for IE, Edge flaw

As we’re impatiently waiting for Microsoft to patch vulnerabilities that were scheduled to be fixed in February, Google has released details about a serious vulnerability in the Internet Explorer and Edge browsers. What’s more, the report also contains PoC code that, if implemented in web pages, should crash vulnerable browsers. Savvy attackers could perhaps use it as a first step of an attack that could ultimately result in remote code execution. But Google Project Zero …

New attack sounds death knell for widely used SHA-1 crypto hash function

SHA-1 is definitely, provenly dead, as a group of researchers from CWI Institute in Amsterdam and Google have demonstrated the first practical technique for generating a collision. What is SHA-1? SHA-1 is a cryptographic hash function that has been used for years now to assure data integrity. It has been used in distributed software revision control systems (to identify revisions and to detect data corruption or tampering), to sign security certificates, and for many other …

Detecting PLC malware in industrial control systems

How can attackers load programmable logic controllers (PLC) with destructive malware, and how can the operators of industrial control systems (ICS) detect it? According to a group of researchers from the International Institute of Information Technology, Hyderabad, and Singapore University of Technology and Design, the trick is not to attempt to change the PLC’s firmware, but to deploy ladder logic bombs (i.e. malware written in ladder logic). “ICS and Supervisory Control and …

Exploit for Windows DoS zero-day published, patch out on Tuesday?

A zero-day bug affecting Windows 10, 8.1, Windows Server 2012 and 2016 can be exploited to crash a vulnerable system and possibly even to compromise it. It is a memory corruption bug in the handling of SMB traffic that could be easily exploited by forcing a Windows system to connect to a malicious SMB share. Tricking a user into connecting to such a server should be an easy feat if clever social engineering …

Nagios 4.2.4 closes serious root privilege escalation bug

If you’re using Nagios to monitor your systems, networks and infrastructure, and you have not updated to version 4.2.4, you better hop to it. This latest release fixes a high severity root privilege escalation vulnerability (CVE-2016-9566) discovered by researcher Dawid Golunski, who published a proof-of-concept exploit for it on Thursday. “Nagios Core daemon in versions below 4.2.4 was found to perform unsafe operations when handling the log file. This could be exploited by malicious local …

Samsung Knox flaws open unpatched devices to compromise

Researchers from Viral Security Group have discovered three vulnerabilities in Samsung Knox, a security platform that allows users to maintain separate identities for work and personal use, and is built into some of the company’s Android smartphones and tablets. Knox is meant to protect the integrity of the entire device – both hardware and software – but apparently there are ways to bypass some of those protections, specifically those offered by the Real-time Kernel Protection …

MySQL 0-day could lead to total system compromise

Researcher Dawid Golunski has discovered multiple severe vulnerabilities affecting the popular open source database MySQL and its forks (e.g. MariaDB, Percona). One of these – CVE-2016-6662 – can be exploited by attackers to inject malicious settings into MySQL configuration files or create new ones, allowing them to execute arbitrary code with root privileges when the MySQL service is restarted. This could lead to total compromise of the server running the vulnerable MySQL version. “The vulnerability …