Posts Tagged ‘Vulnerability’

Unseen, uncaught!

Posted by spaquet on May 24, 2011

According to Trend Micro researcher Karl Dominguez, the vulnerability was actively being exploited using emails that contained malicious scripts, and it allowed attackers to steal email without warning.

Successful attacks required only that a Hotmail user open the malicious email or view it in a preview window. The commands embedded in the emails uploaded users’ correspondence and contacts to servers under the control of attackers without requiring the victim to click on links or otherwise take any action.

The scripts also had the capability of enabling email forwarding on the targeted Hotmail account, allowing attackers to view emails sent to the victim in the future…

Microsoft has now patched this bug, but it illustrates how important IT rules can be, since it allowed attackers to silently steal confidential correspondence and user contacts from unsuspecting victims.

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

And the winner is…

Posted by spaquet on May 19, 2011

Sony!

Just four days after the PlayStation Network reopened, Sony has taken down login and password recovery pages for the service following reports they contained a serious flaw that was actively exploited to hijack user accounts.

The vulnerability, which was first reported by UK-based gaming news site Nyleveia.com, required only that an attacker know the date of birth and email address associated with a targeted user’s account… forcing Sony to disable the login pages in order to prevent attacks.

Following the publication of this hack, Sony issued the following statement:

“We temporarily took down the PSN and Qriocity password reset page. Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed.”

But this blunder raises new doubts about Sony’s ability to secure the PlayStation Network just as the company is trying to regain the confidence of dubious government officials and its 77 million account holders. Sony took down the service on April 20, following the discovery that core parts of its network had suffered a criminal intrusion that stole names, user names, passwords, birth dates, addresses, and other sensitive details of all its users. Company executives have said they can’t rule out the possibility that credit card data was also taken.

The exploit involved the bypass of a digital token system that Sony used when users reset their PSN password. Attackers could carry out the attack by visiting https://store.playstation.com/accounts/reset/resetPassword.action?token and then, in a separate browser tab, opening a different page on us.playstation.com and following Sony’s reset procedure, which required only the date of birth and email address associated with the account.

The attacker would then return to the original tab and, armed with the browser cookie just issued by Sony’s servers, complete an image verification on the page. The attacker would then proceed to a screen allowing him to change the victim’s password.
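A minimal model of the weakness described above next to its fix, added here as an illustration (it is not Sony's code and not part of the original post). It assumes the flaw was that session state set by the email and date-of-birth step alone authorised the password change; the class, method and cookie names are hypothetical and the account data is constructed.

```python
import hashlib
import secrets
import time


class ResetService:
    """Toy password-reset back end (constructed model, not Sony's code)."""

    TTL = 900  # seconds a reset token stays valid (assumed value)

    def __init__(self, directory):
        self.directory = directory  # email -> date of birth (constructed data)
        self.sessions = {}          # cookie -> email whose reset was started
        self.tokens = {}            # sha256(token) -> (email, expiry)
        self.passwords = {}

    def start_reset(self, cookie, email, dob):
        # Knowledge check only: email address plus date of birth.
        if self.directory.get(email) != dob:
            return None
        self.sessions[cookie] = email
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).hexdigest()
        self.tokens[digest] = (email, time.time() + self.TTL)
        return token  # in production this goes only to the account's mailbox

    def change_password_weak(self, cookie, token, new_password):
        # Assumed flaw: the cookie set by start_reset() is enough; the token
        # parameter is never checked, so it can be empty.
        email = self.sessions.get(cookie)
        if email is None:
            return False
        self.passwords[email] = new_password
        return True

    def change_password_hardened(self, cookie, token, new_password):
        # The emailed token is the authoriser: present, unexpired, single-use.
        digest = hashlib.sha256((token or "").encode()).hexdigest()
        entry = self.tokens.pop(digest, None)
        if entry is None or time.time() > entry[1]:
            return False
        self.passwords[entry[0]] = new_password
        self.sessions.pop(cookie, None)  # end the reset session as well
        return True
```

In the hardened handler the account is taken from the token record rather than from the cookie, so knowing an email address and a date of birth is no longer sufficient to reach the password change.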


When third parties are weak

Posted by spaquet on May 8, 2011

A few weeks ago (a patch has been released at the time of writing), Skype was offering a nice way for an attacker to take control of an OS X computer.

This illustrates that however strong the OS may be, there is always a flaw somewhere on the system. Incidentally, the same vulnerability was not detected in the Windows and Linux versions of Skype…

This time, Skype was quick to respond and issued a patch, but failed to communicate about it, so rumors resurfaced this week before prompting a strong response from Skype spokespersons.

Let’s look at the flow more precisely:

First, the researchers who found this critical flaw found it by accident while exchanging a piece of a program via Skype. They noticed that the payload was executing on the remote end of the chat.

After testing several Skype versions on several systems, they had established more than a proof of concept for the flaw, which has not been seen exploited so far.


This is the end…

Posted by spaquet on February 18, 2011

The future of Java looks pretty gloomy: it is removed from the next version of OS X, overtaken by PHP and Rails on the Web, and it is appearing as a vector for viruses and other hacks on systems thought to be safe, such as Linux and OS X…

This is illustrated by this week's Oracle fixes, in which 21 security vulnerabilities were patched, 19 of which allow attackers to remotely install malicious software on end-user machines.


Another day, another bug…

Posted by spaquet on February 16, 2011

A flaw in the “BrowserWriteErrorLogEntry()” function within the Windows mrxsmb.sys driver “could be exploited by remote attackers or malicious users to cause a denial of service or take complete control of a vulnerable system,” researchers from French security firm Vupen warned. The warning came after proof-of-concept code was posted on Monday to the Full-disclosure mailing list.

Vupen, which rates the vulnerability as critical, has confirmed the bug in Windows Server 2003 SP2 and Windows XP SP3. Secunia rates it as moderately critical, the third most serious notch in its five-tier system.

A Microsoft spokesman said company researchers are investigating the reports and “will take appropriate action to help protect customers” when the inquiry is complete.

More information on this vulnerability can be found here, here and here (sources: Vupen and Secunia)


How, How, How… It’s Christmas!

Posted by spaquet on January 3, 2011

Well, it looks like Microsoft is giving away some gifts to its best friends, the “hackers”, thanks to another best friend: Googlebot.

According to Michal Zalewski, a security researcher at Google, data concerning at least one “clearly exploitable crash” in the Microsoft browser was inadvertently disclosed to people who were using a Chinese IP address. Details about the bug, which resides in the mshtml.dll component, were stored on a server that had accidentally been indexed by Google…

The bug leads to arbitrary crashes in the EIP, or extended instruction pointer, of machines running the Microsoft browser. Zalewski said the flaw “is pretty much fully attacker-controlled.” It was uncovered using cross_fuzz, a security tool the researcher developed in his spare time more than two years ago to identify potential security vulnerabilities in IE, Firefox, and other browsers. Since its release, the tool has helped to identify nearly 100 various browser bugs.

More information can be obtained at Michal’s blogs: here and here