Tag Archive for: disclosed

Apple fails to patch publicly disclosed zero-day flaws with iOS 15.0.1


Apple’s latest point update for iOS 15 does not contain patches for three zero-day vulnerabilities that were reported to the company months ago and publicly disclosed last week.

In September, security researcher Denis Tokarev, better known by his pseudonym illusionofchaos, claimed that Apple ignored multiple reports pertaining to newly discovered zero-day vulnerabilities present in iOS, the company’s flagship mobile operating system. Tokarev reported four flaws to Apple between March 10 and May 4, and while one issue was patched in iOS 14.7, the other three remain unpatched in the latest iOS 15.0.1.

By his own admission, the zero-day vulnerabilities that persist are not critical, with one pertaining to a bug that could enable maliciously crafted apps to read users’ Apple ID information if somehow allowed onto the App Store.

Still, Apple’s handling of the disclosures, reported through the Bug Bounty Program, does not sit well with Tokarev, who penned a blog post in late September detailing his interactions with the tech giant’s team. According to the researcher, Apple failed to list the security issue it patched in iOS 14.7 and did not add information about the flaw in subsequent security page updates.

“When I confronted them, they apologized, assured me it happened due to a processing issue and promised to list it on the security content page of the next update,” illusionofchaos wrote at the time. “There were three releases since then and they broke their promise each time.”

Apple saw Tokarev’s blog post and again apologized. The company said its teams were still investigating the three remaining vulnerabilities as of Sept. 27, but Tokarev made the flaws public last week in line with standard vulnerability disclosure protocols.

Ethical hackers have criticized Apple’s Bug Bounty Program and the company’s general handling of public security researchers, citing a lack of communication, payment issues and other problems. The initiative offers payouts for bugs and exploits.

Earlier this week, researcher Bobby Rauch publicly disclosed an AirTag vulnerability after Apple failed to answer basic questions about the bug and whether Rauch would be credited with the find. The…


Unpatched Remote Hacking Flaw Disclosed in Fortinet’s FortiWeb WAF


Details have emerged about a new unpatched security vulnerability in Fortinet’s web application firewall (WAF) appliances that could be abused by a remote, authenticated attacker to execute malicious commands on the system.

“An OS command injection vulnerability in FortiWeb’s management interface (version 6.3.11 and prior) can allow a remote, authenticated attacker to execute arbitrary commands on the system, via the SAML server configuration page,” cybersecurity firm Rapid7 said in an advisory published Tuesday. “This vulnerability appears to be related to CVE-2021-22123, which was addressed in FG-IR-20-120.”

Rapid7 said it discovered and reported the issue in June 2021. Fortinet is expected to release a patch at the end of August with FortiWeb version 6.4.1.

The command injection flaw is yet to be assigned a CVE identifier, but it has a severity rating of 8.7 on the CVSS scoring system. Successful exploitation of the vulnerability can allow authenticated attackers to execute arbitrary commands as the root user on the underlying system via the SAML server configuration page.

“An attacker can leverage this vulnerability to take complete control of the affected device, with the highest possible privileges,” Rapid7’s Tod Beardsley said. “They might install a persistent shell, crypto mining software, or other malicious software. In the unlikely event the management interface is exposed to the internet, they could use the compromised platform to reach into the affected network beyond the DMZ.”

Rapid7 also warns that while authentication is a prerequisite for achieving arbitrary command execution, the exploit could be chained with an authentication bypass flaw, such as CVE-2020-29015. In the interim, users are advised to block access to the FortiWeb device’s management interface from untrusted networks, including taking steps to prevent direct exposure to the internet.

Although there is no evidence that the new security issue has been exploited in the wild, it’s worth noting that unpatched Fortinet servers have been a lucrative target for financially motivated and state-sponsored threat actors alike.

Earlier this April, the Federal Bureau of Investigation (FBI) and the…


BlackBerry Stock Rises As Earnings Meet Expectations As Security Revenue Disclosed


BlackBerry earnings for the May quarter fell from a year earlier but met expectations as revenue edged by Wall Street targets. BlackBerry stock rose on the news as it broke out computer security software revenue for the first time.
Canada-based BlackBerry (BB) reported a 5-cent loss on an adjusted basis for the quarter ending May 31. Revenue fell 16% to $174 million, including $107 million in cybersecurity sales and $43 million in “Internet of Things” sales, the company said. IoT revenue includes automotive software.

Analysts expected BlackBerry to report a 5-cent per-share loss on revenue of $171.3 million. In the year-earlier quarter, BlackBerry earned 2 cents per share on revenue of $206 million.

BlackBerry stock rose 1.4% to 12.86 in extended trading on the stock market today. In Thursday’s regular session, shares fell 3.5%.

BlackBerry Stock: Intellectual Property Sale Expected

Analysts expected lower intellectual property licensing revenue to impact the BlackBerry earnings report. The company is in talks to sell its intellectual property portfolio. BlackBerry garners about 30% of revenue from intellectual property fees.

BlackBerry stock has gained some 92% in 2021, though shares retreated heading into the fiscal first-quarter earnings report. Investors using social media have driven BB stock and other so-called meme stocks higher, including AMC Entertainment (AMC), GameStop (GME) and Clover Health (CLOV).

Here’s an in-depth look at BB stock, using IBD technical and fundamental analysis.

A one-time leading maker of mobile devices, BlackBerry was a driving force in pagers and cellphones. But its hardware business collapsed in 2008 amid competition from Apple (AAPL) iPhones and Android devices.

BlackBerry pivoted to mobile security software under Chief Executive John Chen. Also, BlackBerry has been a provider of software in the automotive market for entertainment and mapping programs.

If you’re new to IBD, consider taking a look at its stock trading system and CAN SLIM basics. Recognizing chart patterns for companies like BlackBerry stock is one key to the investment guidelines.

IBD offers a broad range of growth stock lists, such as Leaderboard. Investors also…


Lawmakers say US ransomware payments should be disclosed


WASHINGTON — More transparency is needed into what kind of cash payments are made after ransomware attacks, a top Democrat said, following a recent spate of cyberattacks aimed at U.S. companies.

Mark Warner, chairman of the Senate Intelligence Committee, spoke days after a top U.S. meat producer needed to shut down facilities that account for almost a quarter of American beef supplies after a cyber incident.

“Not only are the companies often not reporting that they are attacked, but they’re not reporting the ransomware payments,” Warner said on NBC’s “Meet the Press.”

It’s “worth having” a debate over whether to make paying ransoms illegal for U.S. companies, said Warner, who’s also co-chair and founder of the Senate Cybersecurity Caucus.

Energy Secretary Jennifer Granholm, on NBC’s “Meet the Press,” backed a possible ban on ransomware payments.

“We need to send this strong message that paying a ransomware only exacerbates and accelerates this problem. You are encouraging the bad actors when that happens,” she said.

The cyberattack on JBS USA followed the incident in May where Colonial Pipeline Co. was forced to shut the largest East Coast gasoline pipeline network for days after a cyberattack.

Both incidents have been tied to Russian-based hackers, and the issue will be on the agenda when President Joe Biden meets with Russian President Vladimir Putin on June 16.

Sen. Angus King of Maine, an independent who caucuses with Democrats and is also on the intelligence panel, said private companies should be subject to mandatory reporting of a breach but also receive liability protection, creating “an entirely new relationship between the federal government and private sector.”

“There has to be trust. And there has to be real-time” reporting, King said on CNN’s “State of the Union.” “I mean, the Colonial Pipeline, my understanding is, it wasn’t reported to the government for four or five days. I think they’d already paid the ransom.”

Commerce Secretary Gina Raimondo stopped short of proposing that the U.S. government require businesses to secure their technology in specific ways.

Instead, the Biden…
