Industrial Switches from Several Vendors Affected by the Same Vulnerability

Industrial switches sold by several vendors are affected by the same vulnerability because they all run the same firmware from Korenix Technology, an industrial networking solutions provider based in Taiwan. SEC Consult, an Austria-based cyber security company, revealed the vulnerability. The company (which is owned by Atos) had been trying to get the security holes patched since last year, but it took more than a year for Korenix to release security fixes.

Security Week reports, "Pepperl+Fuchs did release some patches and workarounds last year after being notified about the vulnerabilities, but the company’s response was limited due to the fact that the flaws existed in the Korenix firmware. SEC Consult’s initial attempts to get Korenix to patch the vulnerabilities failed, until late November 2020, when the company had been preparing to make its findings public." Westermo, for its PMI-110-F2G, and Pepperl+Fuchs, for its Comtrol RocketLinx industrial switches, also use the same firmware that Korenix made for its JetNet industrial switches. Beijer Electronics Group owns both Westermo and Pepperl+Fuchs.

According to SEC Consult, the devices made by these companies share the same firmware base, so a single vulnerability affects all of them. SEC Consult found 5 kinds of vulnerabilities, which were assigned high and critical severity ratings. They include unauthorised device administration, cross-site request forgery, authenticated command injection, TFTP file read/write issues, and backdoor accounts. An attacker with network access can attack a device and make unauthorised changes to its configuration, steal sensitive data, or force it into a DoS state. The affected devices are used in automation, transportation, heavy industry, surveillance, power and energy, and other sectors.

These switches, according to experts, hold a crucial position in a network, and an attacker can exploit these vulnerabilities to disrupt the connection to the attached network systems. Apart from releasing firmware updates with the security fixes, Korenix has also suggested some measures to protect against potential threats. "This vulnerability can also be exploited via Cross-Site Request Forgery attacks as there is no protection for that kind of attack. The NMS (Network Management System) of Korenix, also known as JetView or Korenix NMS, communicates via UDP and triggered all actions without prior authentication," reports Security Week.

Northeastern University Team Finds New Ways to Detect Bugs in its Research

A research team at Northeastern University finds vulnerabilities and code defects by detecting when a programmer uses different code snippets to carry out the same task. Consistent and repeatable programming is considered one of the best practices in software development, and it has become more crucial as development teams grow in size. Now, Northeastern University's research team has shown that finding irregular programming, that is, code snippets that carry out the same task but in different ways, can also help in finding bugs and potential vulnerabilities.

The team presented a paper at the USENIX Security Conference last year in which the researchers used machine learning to detect bugs. The approach first identified code snippets that carried out the same functions and then compared them to find irregularities. Known as "Functionally Similar yet Inconsistent Code Snippets," aka FICS, the program detected 22 new bugs after investigating the QEMU and OpenSSL open-source projects. "From basic bugs such as absent bounds checking to complex bugs such as use-after-free, as long as the codebase contains non-buggy code snippets that are functionally similar to a buggy code snippet, the buggy one can be detected as an inconsistent implementation of the functionality or logic," said the experts.

Mansour Ahmadi, a research associate at Northeastern University, says that the team does not intend this research to replace other methods of static analysis; rather, they want to give developers an additional tool in their arsenal that can be used to analyze code and find bugs. Mr. Ahmadi currently works at Amazon as a security engineer. Earlier approaches that use static analysis need to have encountered an issue before, or to be given a rule, in order to find the pattern.

For instance, if a system has previously found only a variant of a bug, these approaches are likely to fail to find the bug itself. However, as long as the codebase contains correct implementations of code snippets with similar functions, the FICS method can find the bug. According to Mr. Ahmadi, "While we were acknowledged by the developers for our findings, the developers did not proceed to assign CVEs to them as they believe the bugs are not exploitable."

Security Bugs Detected in Nvidia Shield TV, the Streaming Device for Gamers

Nvidia, the computer gaming giant that goes by the motto “level up experience more”, has detected bugs in its Shield TV. Nvidia is an American multinational technology company headquartered in California, USA, and an artificial intelligence computing giant. Its foremost work is designing graphics processing units (GPUs) for the gaming world and the professional market. It also develops system-on-a-chip units for the mobile computing and automotive markets.

Nvidia recently acknowledged three security bugs in the Nvidia Shield TV that could prove harmful, allowing denial of service, escalation of privileges, and loss of the user's data. Nvidia Shield TV was developed for gamers to control the smart home, stream PC games from a PC to a television, and stream media from local and online servers. Put simply, it’s a “set-top gadget” used for gaming. Subsequently, Nvidia published a separate security alert for a cluster of security bugs detected in its graphics processing unit (GPU) display device.

In the Nvidia Shield TV, the NVDEC component of the hardware-dependent decoder contains a high-severity bug, CVE-2021-1068. Such bugs arise when an actor can write to or read from a memory location that is outside the intended boundary of the buffer. This issue may lead to denial of service or escalation of privileges. It has a CVSS rating of 7.8.

The remaining two bugs are not high-severity. The flaw CVE-2021-1069 was detected in the NVHost feature and could cause data to be lost due to a NULL pointer dereference. The other bug, CVE-2021-1067, exists in the implementation of the RPMB command status. With the RPMB command, an actor can write to the Write Protect Configuration Block, which may also lead to denial of service or escalation of privileges. Users can download and install the software update to secure their system either from the upgrade notice that appears on the notification screen or via Settings>About>System update. This will protect them from any further loss of data through the detected bugs.

Malware Creators Producing More Threats to macOS

Malicious activity targeting the Mac operating system continues to increase, with malware makers producing malware aimed at users of Apple's popular operating system. A new variant of a Mac backdoor, detected by Trend Micro as 'backdoor.macOS.nukesped,' is associated with the cybercriminal group Lazarus, which was recently infamous for targeting Korean organizations with a crafted MS Excel spreadsheet.

Connections to an earlier Lazarus routine

A malicious sample discovered by a Twitter user named cyberwar_15 was analyzed, and the experts found that the malware used an embedded Excel sheet to target the user. This kind of attack is similar to one conducted earlier by the Lazarus group. However, unlike the earlier attack, which included different routines depending on the operating system the Excel sheet was running on, the macro embedded in this file simply runs a PowerShell script that connects to 3 C&C servers set up by the Lazarus group.

The Mac package also holds fake and genuine Flash Players

Aside from the analyzed sample, Qianxin Technology and @cyberwar_15 also found a malicious Mac application package suspected of being connected to the attack, as it shares the same C&C servers as the crafted spreadsheets. However, this is merely a decoy, as the genuine Flash Player file is carried as a hidden macOS file. The package holds 2 Adobe Flash Player files, one being a genuine version and the other a fake version detected as 'trojan.macOS.nukesped.b.' The application runs the smaller Flash Player file as its main executable, which is the fake version that merely poses as 'Adobe Flash Player'. To hide the malicious activity, the malware also runs the genuine Flash Player.

Conclusion

In contrast to Lazarus’ previous method, which used macros to install a Mac backdoor file, the samples examined by Trend Micro show that attacks like these use a fake application as a decoy that runs alongside the malicious macOS routine. Criminal groups like Lazarus have become a threat to cybersecurity, and Lazarus has been expanding its reach across various platforms.

Big Bug Bounty Hunts by Cyber Giants Fetch Ethical Hackers Millions!

As part of being more aware and secure with regard to cyber-crime, and to steer clear of any hazards that may come their way, organizations have started paying millions to people who find bugs in their systems.

Recently, a concerned cyber-space user received a message that allegedly said, “Hey, we’ve got some money for you. Do you want it?”

This message had come from Yahoo in response to a bug that the person had sent to the organization. As of now, this bug-reporting business has paid out $1.5m.

Yahoo, like many companies, pays people who find bugs and loopholes that could potentially be exploited by hackers or cyber-cons.

These ethical hackers sign up with organizations like Bugcrowd, Synack, HackerOne, etc., which conduct bug bounty programs on behalf of other organizations.

To participate in this, a person need not even have profound knowledge of coding or other technical skills, said the aforementioned user.

However, he had always been a part of the security industry where he learned deeply about the protocols regarding the swapping of data.

Nevertheless, there is a substantial difference between the way professionals work on cyber issues and the way beginners do.

It’s been long since people actually felt inclined towards working in the cyber security industry even if they weren’t getting paid much.

Earlier, and even now to some extent, there has been an underlying need for more professionally oriented, skilled hands in the cyber-security industry.

Many countries have government-funded educational schemes for school kids to help them get a sense of cyber-security.

With an intake of 25,000 school children, the UK’s scheme, Cyber Discovery, had a fabulous first year. It’s an initiative to let kids know that the daily work of pros is fun.

Participants get points when they complete each section and the top performers get to attend residential courses that help them get better.

The big bug bounty hunts could be a great way to attract the attention of young minds and help them get a taste of what defeating bad guys feels like.

Anyone who wishes to enter the big bug bounties should bear in mind that it takes a lot more than sheer luck to work as an actual cyber-security professional.

“Also, companies should have their own set of defenses set against the cyber cons rather than letting the bounty hunters know what the inner situation is,” said a source.

Nonetheless, it should always be more about being a concerned citizen, trying to solve problems, and making a better and safer cyber-world.

Chrome Zero-Day Attack; Google Advises to Update Immediately!

Chrome has released its latest version, and researchers are urging all users to update the popular browser immediately.

The latest version is 72.0.3626.121 and was released at the very beginning of March 2019.

To upgrade an older version, type the URL chrome://settings/help, which tells the user which version is currently installed.

All these alarm signs are blaring because of a recent zero-day security vulnerability that has emerged.

The vulnerability has been identified as CVE-2019-5786, and Google says it is aware of it and is therefore warning its users.

A vulnerability is a bug that corrupts the software in a way that reduces security, whereas an exploit is a way of using the vulnerability to get past the security provisions.

All vulnerabilities pose a threat to the system, even if it only means producing thousands of unwanted messages.

All exploits arise from vulnerabilities, but not all vulnerabilities result in exploits.

If made to work in a malicious way, vulnerabilities could be forced to do a lot more than just create error messages.

A zero-day is a vulnerability that the cyber-cons found a way to misuse before the researchers could find an appropriate solution for it.

Meaning that a zero-day is an attack for which even the best researchers can’t find a solution.

These attacks are usually discovered weeks or even months after they start operating on the network.

Google is working to fix the bug, and restrictions are being retained for as long as the bug exists.

The vulnerability involves a memory mismanagement bug in a part of Chrome called “FileReader”.

“FileReader” helps web developers pop up menus and dialogs.

An attacker could take control of a lot through this particular bug. It’s not restricted to reading from files and goes as far as “Remote Code Execution”.

Meaning, any malware could be implanted onto the victim’s system without any warning, pop-up or dialog.

All that can be done to protect your system is to keep it up to date at all times.

Also, always keep checking for updates and patches to fix vulnerabilities.