Tag Archives: security flaw

Critical Telegram flaw under attack disguised malware as benign images

By Dan Goodin

Enlarge (credit: Kaspersky Lab)

Makers of the Telegram instant messenger have fixed a critical vulnerability that hackers were actively exploiting to install malware on users’ computers, researchers said Tuesday.

The flaw, which resided in the Windows version of the messaging app, allowed attackers to disguise the names of attached files, researchers from security firm Kaspersky Lab said in a blog post. By using the text-formatting standard known as Unicode, attackers were able to cause characters in file names to appear from right to left, instead of the left-to-right order that’s normal for most Western languages.

The technique worked by using the special Unicode formatting *U+202E* which causes text strings following it to be displayed from right to left. As a result, Telegram for Windows converted files with names such as “photo_high_regnp.js” to “photo_high_resj.png,” giving the appearance they were benign image files rather than files that executed code.

Read 2 remaining paragraphs | Comments

Source:: Ars Tecnica


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or perhaps you need web hosting for a mere $5.95/month?.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!

Microsoft is forcing users to install a critically flawed password manager

By Dan Goodin

Enlarge (credit: Microsoft)

Microsoft is quietly forcing some Windows 10 computers to install a password manager that contains a critical vulnerability disclosed 16 months ago that allows websites to steal passwords, a researcher said Friday.

Google Project Zero researcher Tavis Ormandy said in a blog post that the Keeper Password Manager came pre-installed on a newly built Windows 10 system derived directly from the Microsoft Developer Network. When he tested the unwanted app, he soon found it contained a critical flaw he had found in August 2016 in the non-bundled version of Keeper. The bug, he said, represents “a complete compromise of Keeper security, allowing any website to steal any password.”

With only basic changes to “selectors,” the old proof-of-concept exploit worked on the version installed without notice or permission on his Windows 10 system. Ormandy’s post linked to this publicly available proof-of-concept exploit, which steals an end user’s Twitter password if it’s stored in the Keeper app. Ormandy said Keeper developers have released a fixed version. Keeper representatives didn’t immediately respond to questions for this post.

Read 2 remaining paragraphs | Comments

Source:: Ars Tecnica


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or perhaps you need web hosting for a mere $5.95/month?.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!

Broadcom chip bug opened 1 billion phones to a Wi-Fi-hopping worm attack

By Dan Goodin

Enlarge (credit: Cheon Fong Liew)

LAS VEGAS—It’s not often that a security researcher devises an attack that can unleash a self-replicating attack that, with no user interaction, threatens 1 billion smartphones. But that’s just what Nitay Artenstein of Exodus Intelligence did in a feat that affected both iOS and Android devices.

At the Black Hat security conference, Artenstein demonstrated proof-of-concept attack code that exploited a vulnerability in Wi-Fi chips manufactured by Broadcom. It fills the airwaves with probes that request connections to nearby computing devices. When the specially devised requests reach a device using the BCM43xx family of Wi-Fi chipsets, the attack rewrites the firmware that controls the chip. The compromised chip then sends the same malicious packets to other vulnerable devices, setting off a potential chain reaction. Until early July and last week—when Google and Apple issued patches respectively—an estimated 1 billion devices were vulnerable to the attack. Artenstein has dubbed the worm Broadpwn.

Although the flaw is now closed, the hack has important lessons as engineers continue their quest to secure mobile phones and other computing devices. Security protections such as address space layout randomization and data execution prevention have now become standard parts of the operating systems and apps. As a result, attackers have to work hard to exploit buffer overflows and other types of software vulnerabilities. That extra work largely makes self-replicating worms impossible. Artenstein’s exploit, however, suggests that such worms are by no means impossible.

Read 5 remaining paragraphs | Comments

Source:: Ars Technica Gadgets


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or perhaps you need web hosting for a mere $5.95/month?.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!

Serious privilege escalation bug in Unix OSes imperils servers everywhere

By Dan Goodin

Enlarge (credit: Victorgrigas)

A raft of Unix-based operating systems—including Linux, OpenBSD, and FreeBSD—contain flaws that let attackers elevate low-level access on a vulnerable computer to unfettered root. Security experts are advising administrators to install patches or take other protective actions as soon as possible.

Stack Clash, as the vulnerability is being called, is most likely to be chained to other vulnerabilities to make them more effectively execute malicious code, researchers from Qualys, the security firm that discovered the bugs, said in a blog post published Monday. Such local privilege escalation vulnerabilities can also pose a serious threat to server host providers because one customer can exploit the flaw to gain control over other customer processes running on the same server. Qualys said it’s also possible that Stack Clash could be exploited in a way that allows it to remotely execute code directly.

“This is a fairly straightforward way to get root after you’ve already gotten some sort of user-level access,” Jimmy Graham, director of product management at Qualys, told Ars. The attack works by causing a region of computer memory known as the stack to collide into separate memory regions that store unrelated code or data. “The concept isn’t new, but this specific exploit is definitely new.”

Read 5 remaining paragraphs | Comments

Source:: Ars Tecnica


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or perhaps you need web hosting for a mere $5.95/month?.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!