Tag Archive for: Uncovered

Update your iPhone and Mac now: Serious security flaw uncovered


A cybersurveillance company in Israel developed a tool to break into Apple iPhones with a never-before-seen technique that has been in use since at least February, Internet security watchdog group Citizen Lab said.

The discovery is important because of the critical nature of the vulnerability, which requires no user interaction and affects all versions of Apple’s iOS, macOS and watchOS, except for those updated on Monday.

The tool developed by the Israeli firm, named NSO Group, defeats security systems designed by Apple in recent years. Apple said it fixed the vulnerability in Monday’s software update, confirming Citizen Lab’s finding.

“After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users,” said Ivan Krstić, head of Apple Security Engineering and Architecture, in a statement. “Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.

“While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data,” he added.

Spyware

An Apple spokesman declined to comment on whether the hacking technique came from NSO Group.

In a statement, NSO did not confirm or deny that it was behind the technique, saying only that it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime”.

Citizen Lab said it found the malware on the phone of an unnamed Saudi activist and that the phone had been infected with spyware in February. It is unknown how many other users may have been infected.

The intended targets would not have to click on anything for the attack to work. Researchers said they did not believe there would be any visible indication that a hack had occurred.

Popular chat apps are at risk of becoming the soft underbelly of device security. Securing them should be top…


How One Application Test Uncovered an Unexpected Opening in an Enterprise Call Tool


Working as security consultants is highly rewarding. Companies depend on us to view their environment from the perspective of an attacker and find vulnerabilities that could enable threats to succeed. One of the most impactful parts of our role is when we’re the first to find a major vulnerability that could lead to a widespread compromise beyond just our client.

That’s what happened this year with the Cisco Unified Communications Manager (CUCM) IM & Presence appliance. We performed an application penetration test against it for one of our clients. While doing so, we discovered an opening that could affect anyone who uses this appliance. Read on to find out how we explored the product, how we broke it and how to put it back together.

What Is the CUCM Product?

The CUCM solution is a middleware component that allows enterprises to integrate their various communication devices and manage them using one platform. In short, it unifies voice, video, data and mobile applications on fixed and mobile networks. Starting with the Cisco Unified Communications 9.0, the Cisco Unified Presence technology is integrated within the CUCM. Nowadays, most people refer to this solution as the CUCM IM & Presence Service. Almost every customer that uses the Cisco Jabber instant messaging application has the CUCM IM & Presence deployment.

The Findings

During the pen test, we first tried to use the least possible privilege to pinpoint the vulnerabilities that the least trusted users can reach. Then, we created a replica of the appliance in a lab environment. Using several reverse engineering techniques, we extracted the source code of the web application used to manage the appliance.

Through both dynamic testing and analysis of the source code, we found the following vulnerabilities:

  • Three Structured Query Language (SQL) injection vulnerabilities (CVE-2021-1355, CVE-2021-1364, CVE-2021-1282)
  • SQL injection leads to arbitrary code execution (CVE-2021-1363, CVE-2021-1365)
  • Path traversal (CVE-2021-1357)
  • Cross-site scripting (CVE-2021-1407, CVE-2021-1408)

The main objective was to find vulnerabilities that attackers could exploit to elevate their privilege on the appliance. At first, our…


How A Cybersecurity Firm (FireEye) Uncovered The Massive Computer Hack


Read Greg Myre and Laurel Wamsley explaining on NPR how FireEye was able to detect the sophisticated and massive SolarWinds hack attack:

The first word that hackers had carried out a highly sophisticated intrusion into U.S. computer networks came on Dec. 8, when the cybersecurity firm FireEye announced it had been breached and some of its most valuable tools had been stolen. “We escalated very quickly from the moment I got the first briefing that, ‘Hey, we have a security incident of some magnitude,’ ” FireEye CEO Kevin Mandia told All Things Considered co-host Mary Louise Kelly. “My gut was telling me it was something we needed to put people on right away.”

Read their full article here.

For more, see: FireEye and SolarWinds.

How Is FireEye Setting An Ambitious Glance Into The Security Analytics Market Dominance

FireEye, Microsoft confirm SolarWinds supply chain attack

Some Quick Lessons Learned From Massive Regional Power Outages


How A Cybersecurity Firm Uncovered The Massive Computer Hack : NPR


Kevin Mandia, CEO of the cybersecurity firm FireEye, testifies before the Senate Intelligence Committee in 2017. Mandia’s company was the first to sound the alarm about the massive hack of government agencies and private companies on Dec. 8.

Susan Walsh/AP


hide caption

toggle caption

Susan Walsh/AP

Kevin Mandia, CEO of the cybersecurity firm FireEye, testifies before the Senate Intelligence Committee in 2017. Mandia’s company was the first to sound the alarm about the massive hack of government agencies and private companies on Dec. 8.

Susan Walsh/AP

The first word that hackers had carried out a highly sophisticated intrusion into U.S. computer networks came on Dec. 8, when the cybersecurity firm FireEye announced it had been breached and some of its most valuable tools had been stolen.

“We escalated very quickly from the moment I got the first briefing that, ‘Hey, we have a security incident of some magnitude,’ ” FireEye CEO Kevin Mandia told All Things Considered co-host Mary Louise Kelly. “My gut was telling me it was something we needed to put people on right away.”

Mandia was right. Within days, the scope of the hack began to emerge.

Multiple U.S. agencies were successfully targeted, including the departments of State, Treasury, Commerce, Energy and Homeland Security as well as the National Institutes of Health.

The hackers attached their malware to a software update from Austin, Texas-based company SolarWinds, which makes software used by many federal agencies and thousands of private companies to monitor their computer networks.

The SVR, Russia’s foreign intelligence agency, is considered the most likely culprit, according to Secretary of State Mike Pompeo and some members of Congress who have been briefed by…
