Nasty Windows Printer Driver Vulnerability

From SentinelLabs, a critical vulnerability in HP printer drivers:

Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines.

If exploited, cyberattackers could bypass security products; install programs; view, change, encrypt or delete data; or create new accounts with more extensive user rights.

The bug (CVE-2021-3438) has lurked in systems for 16 years, researchers at SentinelOne said, but was only uncovered this year. It carries an 8.8 out of 10 rating on the CVSS scale, making it high-severity…


Candiru: Another Cyberweapons Arms Manufacturer

Citizen Lab has identified yet another Israeli company that sells spyware to governments around the world: Candiru.
From the report:

Summary:

Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Reportedly, their…

Secure way to run a Linux binary which needs access to resources only available to root?

As a developer, I ask how to approach security concerns regarding permissions of a binary which needs access to resources only available to root users.
For example, let’s think of a simple tool which creates a virtual device or executes co…

Dell BIOSConnect Flaws Show Over-the-Air Risks

Because tech vendors have turned to over-the-air updates – the idea is to not give their customers any excuses for not keeping firmware current – Eclypsium’s discovery of a chain of four vulnerabilities in the BIOSConnect feature within Dell Client BI…

SUID Priv Escalation – LD_LIBRARY_PATH versus ldconfig and /etc/ld.so.conf

Background
Currently doing some vulnservers on Offensive Security’s Proving Grounds Practice Labs. A vulnserver is a machine configured with vulnerabilities for testing/audit and research purposes.
I came across a machine that had a cronjo…

The role of endpoints in the security of your network

Endpoint security is a hot topic of discussion, especially now with so many businesses shifting to remote work. First, let’s define what endpoints are. Endpoints are end-user devices like desktops, laptops, and mobile devices. They serve as points of a…