Tag Archive for: Enter

This Week In Security: Not A Vulnerability, BGP Bug Propagation, And Press Enter To Hack


Curl was recently notified of a CVE, CVE-2020-19909, rated at a hair-raising 9.8 on the CVSS scale. And PostgreSQL has CVE-2020-21469, clocking in with a 7.5 severity. You may notice something odd about those two vulnerabilities, but I promise the 2020 date is only the tip of the iceberg here.

Let’s start with PostgreSQL. That vulnerability was only present in version 12.2, which was released in February of 2020, and was fixed with the 12.3 release in May of that same year. The problem is a stack buffer overflow, which doesn’t seem to enable code execution, but does cause a denial of service situation. To trigger the bug? Repeatedly send the PostgreSQL daemon the SIGHUP signal.

If you’re familiar with Linux signals, that might sound odd. See, the SIGHUP signal technically indicates the end of a user session, but most daemons use it to indicate a restart or reload request. And to send this signal, a user has to have elevated privileges — elevated enough to simply stop the daemon altogether. Put simply, it’s not a security vulnerability, just a minor bug.

And now on to curl — This one is just bizarre. The issue is an integer overflow in the --retry-delay argument, which specifies in seconds how often curl should retry a failing download. The value is multiplied by 1000 to convert to milliseconds, resulting in an overflow for very large values. The result of that overflow? A smaller value for the retry delay.
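To make the --retry-delay arithmetic concrete, here is an added example (my own code, not curl’s) that contrasts the unchecked seconds-to-milliseconds conversion the article describes with a range-checked one; parse_retry_delay is a hypothetical helper standing in for a CLI’s option parser.

```c
#include <errno.h>
#include <limits.h>
#include <stdlib.h>

/* Pre-fix behaviour as the article describes it: seconds * 1000 with no
   range check. The multiply is done in unsigned arithmetic so the wrap is
   well defined in this demo (signed overflow in C is undefined behaviour);
   the wrapped result is then reinterpreted as a signed long. */
long retry_delay_ms_unchecked(long seconds)
{
    return (long)((unsigned long)seconds * 1000UL);
}

/* Hardened conversion: reject anything whose millisecond value would not
   fit in a long, so the delay can never silently shrink. Returns -1 on
   rejection (a valid delay is never negative). */
long retry_delay_ms_checked(long seconds)
{
    if (seconds < 0 || seconds > LONG_MAX / 1000)
        return -1;
    return seconds * 1000;
}

/* Hypothetical option parser: strtol with an ERANGE check catches values
   that do not even fit in a long, then the checked conversion catches the
   ones that fit as seconds but not as milliseconds. Returns -1 on error. */
long parse_retry_delay(const char *arg)
{
    char *end;
    errno = 0;
    long seconds = strtol(arg, &end, 10);
    if (errno == ERANGE || end == arg || *end != '\0')
        return -1;               /* out of range, or not a pure integer */
    return retry_delay_ms_checked(seconds);
}
```

With a seconds value just above LONG_MAX / 1000, the unchecked conversion wraps to a negative (i.e. smaller) delay while the checked one refuses the input.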

[Daniel Stenberg] makes the point that this tale is a wonderful demonstration of the brokenness of the CVE system and NVD’s handling of it. And in this case, it’s hard not to see this as negligence. We have to work really hard to construct a theoretical scenario where this bug could actually be exploited. The best I’ve been able to come up with is an online download tool, where the user can specify part of the target name and a timeout. If that tool had a check to ensure that the timeout was large enough to avoid excess traffic, this bug could bypass that check. Should we be assigning CVEs for that sort of convoluted, theoretical attack?

But here’s the thing: that attack scenario should rate something like a CVSS of 4.8 at absolute worst. NVD assigned…

Source…

Apple, Amazon, Microsoft, Google and Facebook Enter the Scene


They are the companies whose names are part of the daily lives of consumers. 

It is almost impossible to escape them in many daily economic activities. 

They are in the top 10 of the most valuable companies in the world and are multinationals present in hundreds of countries around the world. Between the five tech giants, their worth is $7.6 trillion in market cap. Suffice it to say that their weight in the economy is enormous. 

At a time when investors are wondering if the economy will experience a hard landing, in other words, enter a recession in the coming months due to inflation at its highest level in 40 years and a policy of raising interest rates at the Federal Reserve, these companies can give the temperature of the economic machine.

Source…

Nation-State Cyber-Attack Tools Enter Black Market, With Rise In Ransomware As A Service


Cyber-attacks are on the rise globally, accelerated further after the pandemic forced the world into a remote workforce and a digitized ecosystem. In India, cyber-attacks have doubled in the past three years, according to University of Surrey research, with enterprises the most common target of these attacks. 

Air India experienced a devastating cyber-attack in February, with 4.5 million customers having their data compromised, prompting the enterprise to encourage all of its customers to change their passwords. In January, Indian payment provider Juspay experienced a data breach, with 35 million customers having their data, including card information and fingerprint scans, released on the dark web for anyone to buy. 

India has ranked among the top three most frequently attacked countries for years, according to our own Cyber Readiness Report 2020/2021. With 1.15 billion phones and 700 million internet users, India presents a large and vulnerable user base and a broad attack surface.


One of the most well-known cyber-attacks was the WannaCry attack, a worldwide ransomware cyber-attack occurring in May 2017 using the WannaCry cryptoworm. This attack targeted computers running Microsoft Windows, encrypting data and extorting money out of victims with ransom threats. This attack used the EternalBlue exploit to gain access, an exploit developed by the U.S. National Security Agency (NSA) and leaked by a hacker group called the Shadow Brokers, a name referencing a character in the video game series Mass Effect. The SolarWinds supply chain attack from May was also launched by nation-state attackers, with threat actors accessing Orion users’ networks with a trojan hiding in software updates.

So, why should businesses care about ransomware attacks, especially when most attacks seem to be against the public sector? Simply because, while attacks on the public sector get vast coverage and close attention, the truth is that there are many more attacks on SMEs – successful ones at that – but those are simply not as visible, so they’re not making the news. Research shows that small businesses are a ripe target for attackers – with 71% of ransomware…

Source…

Tenable and the Center for Internet Security Enter Partnership to Bolster Cyber Hygiene Across Public and Private Sectors – GlobeNewswire
