Tag Archive for: Researcher

Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22


A researcher has successfully used the critical Dirty Pipe vulnerability in Linux to fully root two models of Android phones—a Pixel 6 Pro and Samsung S22—in a hack that demonstrates the power of exploiting the newly discovered OS flaw.

The researcher chose those two handset models for a good reason: They are two of the few—if not the only—devices known to run Android version 5.10.43, the only release of Google’s mobile OS that’s vulnerable to Dirty Pipe. Because the LPE, or local privilege escalation, vulnerability wasn’t introduced until the recently released version 5.8 of the Linux kernel, the universe of exploitable devices—whether mobile, Internet of Things, or servers and desktops—is relatively small.

Behold, a reverse shell with root privileges

But for devices that do package affected Linux kernel versions, Dirty Pipe offers hackers—both benign and malicious—a platform for bypassing normal security controls and gaining full root control. From there, a malicious app could surreptitiously steal authentication credentials, photos, files, messages, and other sensitive data. As I reported last week, Dirty Pipe is among the most serious Linux threats to be disclosed since 2016, the year another high-severity and easy-to-exploit Linux flaw named Dirty Cow came to light.

Android uses security mechanisms such as SELinux and sandboxing, which often make exploits hard, if not impossible. Despite the challenge, the successful Android root shows that Dirty Pipe is a viable attack vector against vulnerable devices.

“It’s exciting because most Linux kernel vulnerabilities are not going to be useful to exploit Android,” Valentina Palmiotti, lead security researcher at security firm Grapl, said in an interview. The exploit “is notable because there have only been a few public Android LPEs in recent years (compare that to iOS where there have been so many). Though because it only works on 5.8 kernels and up, it’s limited to the two devices we saw in the demo.”

In a video demonstration published on Twitter, a security researcher who asked to be identified…


Ukrainian Researcher Leaks Conti Ransomware Gang Data


The Leak Will Help Researchers Track and Fight Conti and Its Affiliates


A Ukrainian cybersecurity researcher has released 13 months of sensitive data that came from the internal systems of the Conti ransomware gang, a development that may help in the fight against a prevalent ransomware strain.

The researcher, who had access to Conti’s systems, released the data after the notorious ransomware gang expressed support for Russia since its invasion of Ukraine, says Alex Holden, CTO of Hold Security, a consultancy that studies ransomware and cybercrime. The security researcher’s name cannot be released.


The data, which is in JSON format, includes Jabber chat logs, bitcoin addresses and negotiations between ransomware victims and the Conti attackers. Much of the data is internal chat between members and affiliates of Conti, including personal details, conflicts and accusations. There are also logs related to TrickBot, a botnet that has been used at times to distribute Conti, Holden says. The data covers the period from January 2021 until earlier this month (see: Cybercrime Moves: Conti Ransomware Absorbs TrickBot Malware).


The Conti data is “a must-read for any security professional because it gives you an insight of how ransomware really works,” Holden says. VX-Underground, a group of malware researchers, has also vetted the data and shared it publicly….


UTSA researcher part of team protecting EV charging stations from cyberattacks | UTSA Today | UTSA


Bou-Harb and his fellow researchers wanted to explore the real-life implications of cyberattacks against EV charging systems and how to utilize cybersecurity countermeasures to mitigate them. His team also assessed how exploited systems can attack critical infrastructure such as the power grid.

“Electrical vehicles are the norm nowadays. However, their management stations are susceptible to security exploitations,” said Bou-Harb, who is an associate professor in the Carlos Alvarez College of Business’ Department of Information Systems and Cyber Security. “In this work, we endeavored to uncover their related security weaknesses and understand their consequences on electrical vehicles and the smart grid while providing recommendations and sharing our findings with relevant industry for proactive security remediation.”

The team identified 16 electrical vehicle charging managing systems, which they divided into separate categories such as firmware, mobile, and web apps. They performed an in-depth security analysis on each one.

“We devised a system lookup and collection approach to identify a large number of electrical vehicle charging systems, then leveraged reverse engineering and white-/black-box web application penetration testing techniques to perform a thorough vulnerability analysis,” Bou-Harb said.

The team discovered a range of vulnerabilities amongst the 16 systems and highlighted the 13 most severe vulnerabilities such as missing authentication and cross-site scripting. By exploiting these vulnerabilities, attackers can cause several issues, including manipulating the firmware or disguising themselves as actual users and accessing user data.

According to a recent white paper study by the researchers, “while it is possible to conduct different attacks on various entities within the electrical vehicle ecosystem, in this work, we focus on investigating large-scale attacks that have severe impact on the compromised charging station, its user and the connected power grid.”

During this project, the team developed several security measures, guidelines and best practices for developers to mitigate cyberattacks. They…


FBI email servers hacked in a recent hacker-security researcher feud


The FBI, or Federal Bureau of Investigation, has recently been compromised in a dark web feud between hackers. The hackers allegedly broke into FBI email servers to send messages to a dark web security researcher. This was unexpected, and it suggests that the FBI’s security measures need updating and were not as strong as claimed.

There are hackers that lay low on the dark web, and then there are security research companies that target these hackers to bring them down. This time the rivalry has become public, as the hackers broke into the Federal Bureau of Investigation, which, according to reports by Bleeping Computer and Engadget, has confirmed the breach. The FBI told reporters that its systems were compromised early on 13th November to send fake messages to Vinny Troia, the leader of the dark web security research companies Shadowbyte and NightLion.

As mentioned in a report by Engadget, Spamhaus, a non-profit intelligence organization, shed light on these fake messages. Spamhaus confirmed that the hackers used legitimate FBI systems to conduct the attack, using email addresses found in the FBI’s database for the American Registry for Internet Numbers, among multiple other sources. This is an enormous hack that could have led to a disaster, but the hackers used it only to target the dark web researcher. The reports further note that more than 10,000 addresses received these fake messages, sent in two waves, according to Engadget and Bleeping Computer.

Troia, the security researcher who received these fake emails, says this could have something to do with “Pompomourin”, an entity that has attempted attacks on the researcher in the past; however, there is no official confirmation of this yet. As a precautionary measure, the FBI has asked the email recipients to report fake emails like these to the Cybersecurity and Infrastructure Security Agency or the Internet Crime Complaint Center.
