Vulnerabilities & Exploits

A zero-day vulnerability affecting all Microsoft-supported versions of the Windows operating system, including Windows Server, has been identified. We are also seeing reports from iSIGHT identifying a cyber espionage campaign already in progress to compromise exposed systems.

The vulnerability is identified by CVE-2014-4114 and is also known as Sandworm. It was reportedly discovered in the wild in connection with a cyber espionage campaign that iSIGHT Partners has attributed to Russia. The zero-day vulnerability is reported as having been used in early September to infect victims with malicious attachments, primarily PowerPoint files. Although the attackers used PowerPoint as their attack vector.

The vulnerability exists in the OLE package manager in Microsoft Windows and Windows Server. The OLE packager (packager.dll) is able to download and execute external files such as INF files, allowing the attacker to execute commands.

Risk Level

The risk level appears high, because if one group could design a worm to exploit the hole, then someone will try to recode the worm and make it widespread.

Impact: we are only at the early stage of trying to understand what we are looking at, but if the vulnerability allows the possibility to download and execute a file, then the potential impact is extremely high.

http://www.tripwire.com/state-of-security/incident-detection/microsoft-windows-zero-day-exploit-sandworm-used-in-cyber-espionage-cve-2014-4114/

iSIGHT discovers zero-day vulnerability CVE-2014-4114 used in Russian cyber-espionage campaign:

http://www.isightpartners.com/2014/10/cve-2014-4114/

http://www.theregister.co.uk/2014/10/14/isight_microsoft_announce_windows_and_windows_server_0day/

Russian Hackers Target EU, NATO

Shellshock Bash code injection vulnerability: what do you need to do, and what is the risk?

Report from SANS ISC

Bash Code Injection (Shellshock) Vulnerability (CVE-2014-6271)

CentOS Bash vulnerability announced on 2014/09/24: how to fix

How to fix the Bash code injection flaw on CentOS/Red Hat 6.x servers

HackerKast Shellshock- September 25, 2014 – WhiteHat Security

iPhone Skype XSS Vulnerability Lets Hackers Steal Phonebook

The iPhone Skype app XSS vulnerability is claimed to allow hackers to steal the contents of your phonebook. This bug in the latest version of Skype for iPhone and iPod touch makes users vulnerable to having their address book stolen just by viewing a specially crafted message, says AppSec Consulting security researcher Phil Purviance.

WordPress WP-DBManager Plugin Vulnerabilities

Level: Critical

Impact: Cross-site scripting

Risk: Exposure of system information and exposure of sensitive information

Solution: Vendor patch

Software: WordPress WP-DBManager Plugin 2.x

Description: Two vulnerabilities have been identified in the WP-DBManager plugin for WordPress (blog software), which can be exploited to conduct cross-site scripting attacks, resulting in the disclosure of sensitive information.

Solution: Update to version 2.62.

Roy, also known as the Ghost of Facebook, discovered several security holes on Facebook. One of these flaws was an XSS (cross-site scripting) flaw. It appears that, in an aim to make Facebook aware of the risk exposed by this XSS flaw, he exploited it by placing a message letting Facebook users all over the world know he was “Off to Danao City”.

All the Facebook members that received this message could not delete it or block Roy, because Roy was not in their list of friends. This security flaw in Facebook allowed Roy to contact a large number of Facebook members that he did not have access to.

This security flaw should be a wakeup call to Facebook. Roy may have drawn their attention to it by his actions, but what if this security flaw had been exploited by a cybercriminal with malicious intent towards the users of Facebook? Facebook has been lucky here, because Roy has proven to them that if they don’t keep on top of their Internet security, it is possible for someone to gain access to thousands of Facebook users.

According to xssed.com, a new XSS flaw was found on Facebook on January 28, 2011. They report that this vulnerability leaves users at risk of scripting attacks and login phishing. So is this the same XSS flaw that allowed Roy access? If this is the same flaw that gave Roy access, then why did it take Facebook 13 days to take action, and why did they have to be forced into taking action by Roy? We have found several sites on the Internet reporting this XSS vulnerability in Facebook; another example is the Bkis Global Task Force Blog, which reported this flaw on 28 January 2011.

The action that Roy took to draw Facebook’s attention to this security hole was not correct, but it is sad to say that in today’s world it is one of the most effective ways of getting people to improve their Internet security. By this comment we are pointing out that a large percentage of website owners do not take the necessary action to ensure that their websites are secure, even when vulnerabilities and security alerts are published. These people only take action after it becomes public knowledge that their website has been hacked. It is hard to say who is right and wrong in these situations, because there are no proper laws in place to force website owners to have a basic level of security in place.
I do not condone hackers who exploit websites just to force the owners to put correct security in place, but should we prosecute the hacker and not the website owner? We need laws and regulations in place to ensure website owners take correct action to protect their websites and users by having an acceptable level of security in place, as well as forcing them to prove that they are taking the necessary steps to keep their security up to date.

The fact of the matter is that Roy did not hack Facebook; he simply accessed Facebook through an open door (a security hole). The most shocking part of all the so-called big hacks that are known about in the media is that most were not hacks; they were simply people accessing systems through open doors (security holes/flaws) which gave them access to the system. 99% of all hacking can be prevented by simply keeping your system up to date and running regular security checks.

What is an XSS (Cross-Site Scripting) attack?
Cross-site scripting attacks are a type of injection problem, in which malicious scripts are injected into otherwise benign and trusted websites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it.

An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by your browser and used with that site. These scripts can even rewrite the content of the HTML page.
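To make the "without validating or encoding it" point concrete, here is an added example (not code from the original page or from any of the sites it links to) showing the same server-side page render done two ways: one that drops user input straight into the HTML, and one that encodes it for the text context it lands in. The function names and the sample input are constructed for illustration.

```javascript
// Added example: a vulnerable render beside its hardened form.
// Neither function is from the original page; names are illustrative.

// Map every character that carries meaning in HTML to its entity, so the
// browser displays it as text instead of parsing it as markup.
function escapeHtml(s) {
  const entities = {
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  };
  return String(s).replace(/[&<>"']/g, (c) => entities[c]);
}

// Vulnerable: the user-supplied value appears in the output exactly as typed,
// which is the flaw the text describes. Any tags in it become part of the page.
function renderUnsafe(name) {
  return `<p>Hello, ${name}!</p>`;
}

// Hardened: the value is HTML-encoded before it is placed in an HTML text
// context. The page still shows what the user typed, but as inert text.
function renderSafe(name) {
  return `<p>Hello, ${escapeHtml(name)}!</p>`;
}

// Test helper: strip the one <p> wrapper we emit ourselves and report whether
// any other tag survived into the output (true means markup was injected).
function containsInjectedTag(html) {
  const body = html.replace(/^<p>/, '').replace(/<\/p>$/, '');
  return /<[a-zA-Z!/]/.test(body);
}

// Constructed sample input: what a user might submit through a profile form.
const SAMPLE_INPUT = 'Mallory <script>/* injected */</script>';

// Run both renders over the sample and return the comparison.
function demo() {
  return {
    unsafeInjected: containsInjectedTag(renderUnsafe(SAMPLE_INPUT)),
    safeInjected: containsInjectedTag(renderSafe(SAMPLE_INPUT)),
    safeOutput: renderSafe(SAMPLE_INPUT),
  };
}
```

Encoding must match the output context: the entity map above is for HTML element text and attribute values, and a value placed inside a script block or a URL needs the encoding appropriate to that context instead.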