A new 0day vulnerability has been discovered for an older version of Ubuntu, exploitable through unexpected means, by using a specially-constructed NES ROM, in conjunction with the NSF audio format, leading an emulator to escape its expected memory region and execute outside instructions.
Was the N.S.A. Hacked? A group calling itself The Shadow Brokers [Google cache], widely supposed to actually be Russian state-backed hackers, released an archive of purported NSA Tailored Access Operations/'Equation Group' malware, including zero-day exploits on commercial routers. NSA insiders confirm likely legitimacy. The archive dates to mid-2013, shortly after the Snowden revelations, leading him and others to ponder whether the resulting cleanup operation shut out the hackers. Schneier guesses the timing was meant to signal the Obama administration against sanctions for the DNC hack.
One of the Internet's core building blocks has a vulnerability that leaves hundreds or thousands of apps and hardware devices vulnerable to attacks that can take complete control over them. There is a patch available for Linux-based devices that do domain-name lookups, but it will take time to patch them all.
Scott Buchanan is a Super Mario 64 challenge runner who can do amazing things in the game while pressing buttons as little as possible. Here's a 25 minute long video of him collecting the Watch for Rolling Rocks in Hazy Maze Cave star while only pressing the A button one half of a time.
POODLE (Padding Oracle On Downgraded Legacy Encryption) is the latest exploit found in SSL, a protocol used widely across the Internet for secure connections. Engineers at Google discovered the exploit, and they have written a white paper discussing it. In response, Google is disabling SSL in all Google products. Some are calling this the death of SSL. For web users, disabling SSL in your browser is recommended. Here is a tool to identify if your browser is potentially affected by the POODLE exploit.
The Heartbleed Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL is the most popular open source cryptographic library and TLS (transport layer security) implementation used to encrypt traffic on the Internet. Your popular social site, your company's site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL. All of the above is a direct quote and authored by the fine folks at heartbleed.com. It may be worth noting that one of the measures recommended (and indeed a good idea) - certificate revocation. Unfortunately, certificate revocation has some problems. [more inside]
Ars Technica reports on malicious extensions on the Chrome web browser, which install advertising-based malware that hijack links and inject ad content. Further speech recognition exploits (source) leave open the opportunity for malicious sites to record sound captured by the user's web browser without permission.
For years we've been told that our laptop cameras and webcams are "hardwired" to an LED such that the camera can't be turned on without triggering the light. Yeah, you can see where this is going (the original paper). The exploit works on pre-2008 Macs, though other laptops and webcams could be vulnerable to a similar exploit. The researchers have a kernel extension to prevent this on 2007 / 2008 MacBooks. My preferred solution for the rest of us.
“On the one hand the government is freaking out about cyber-security, and on the other the U.S. is participating in a global market in vulnerabilities and pushing up the prices,” says Soghoian, who says he has spoken with people involved in the trade and that prices range from the thousands to the hundreds of thousands. Even civilian law-enforcement agencies pay for zero-days, Soghoian says, in order to sneak spy software onto suspects’ computers or mobile phones.
You may already be screwed. And not in the good way you were hoping for. MeFi kink favourite, FetLife has been ignoring a longstanding security and privacy compromise. (nsfw)
"Millions" Of Home Routers Vulnerable to a Web Hack At the upcoming Black Hat Conference, to be held on July 29th in Las Vegas this year, a security researcher and ethical hacker named Craig Heffner will reveal a software tool to exploit a large-scale vulnerability in most home routers that will give users outside of the network access to the device. [more inside]
"There is no saving the internet. There is only postponing the inevitable." Wired Magazine looks at the history of DNS and the Kaminsky attack. [more inside]
A major flaw in the DNS system is promised to be revealed at the next Black Hat conference. Convinced it was too important to wait, security researcher Dan Kaminsky (video, autoplays) convinced several software vendors to issue emergency patches today, before publicizing details of the attack. It can't be that serious though, can it? Oh yes it can.
The Last Stage of Delirium Research Group (LSD-PLaNET) have posted code on the Internet that can allow hackers to exploit a previously disclosed vulnerability in Microsoft's Windows operating system. This kind of thing happens all the time. What never happened before is a widespread government and media panic perpetuating the buffer overrun threat as terroristic in nature, originating from the Department of Homeland Security and upsetting the gerneral public at large.
Do you have a 'Super Cookie' ??? Another m$ screw-up... Very interesting since wmp just minutes before tried to access the net through my firewall that is set to block all except a few programs. If you're running mozilla his demo doesn't hit but using msie it sures pulls up the ID# of my wmp... time to tighten things down again!!! Another blasted waste of time to fix what m$ should not have let out in the first place!!! Link via... Inflight Correction
Bring down MeFi in one easy step. Matt, does this affect you?
More news on the IIS exploit After acknowledging the problem last week, Micro$oft is now saying that the backdoor in IIS... is a flaw. M$ Technet seems to have a fix for this problem, delete the offending file! So, if systems are your bag, my advice is to start researching security if you are running M$ internet server products (SQL 7, Exchange, IIS, Index Server, etc.).