Tag Huawei

InfoSec Week 8, 2019

Dutch security researcher Victor Gevers found a misconfigured MongoDB database containing facial recognition data and other sensitive information about the Uyghur Muslim minority in China. It looks like the company behind the database is the Chinese surveillance company SenseNets.
https://www.zdnet.com/article/chinese-company-leaves-muslim-tracking-facial-recognition-database-exposed-online/

The UK's GCHQ intelligence agency subsidiary, the National Cyber Security Centre, evaluated Huawei devices with the vendor and unofficially decided that the risk of using Huawei devices in the infrastructure can be managed.
This is quite an interesting turning point, as other US allies are banning Huawei devices from their networks.
https://www.bbc.com/news/business-47274643

If you want to know the alternatives to PGP's functionality, George Tankersley wrote a nice list of them.
https://blog.gtank.cc/modern-alternatives-to-pgp/

Open Privacy Research Society released an alpha version of Cwtch, a decentralized, privacy-preserving, asynchronous multi-party messaging protocol that can be used to build other applications.
https://openprivacy.ca/blog/2019/02/14/cwtch-alpha/

The Linux kernel through version 4.20.10 contains a use-after-free vulnerability that allows arbitrary code execution.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8912

Check Point researchers have discovered a 19-year-old critical vulnerability in the WinRAR software that can be exploited just by extracting an archive.
https://research.checkpoint.com/extracting-code-execution-from-winrar/

Tavis Ormandy discovered an old stack buffer overflow vulnerability in the MatrixSSL implementation, which is used primarily by embedded devices.
https://www.openwall.com/lists/oss-security/2019/02/15/1

A really in-depth article about the discovery and exploitation of a local privilege escalation vulnerability in the LG kernel driver (CVE-2019-8372).
http://www.jackson-t.ca/lg-driver-lpe.html

Microsoft is finally deprecating the weak SHA-1 hash in its Windows Update mechanism.
https://arstechnica.com/gadgets/2019/02/mandatory-update-coming-to-windows-7-2008-to-kill-off-weak-update-hashes/

Brian Krebs wrote an article about the recent widespread DNS hijacking attacks attributed to Iranian hackers.
https://krebsonsecurity.com/2019/02/a-deep-dive-on-the-recent-widespread-dns-hijacking-attacks/

Independent Security Evaluators published a security comparison of the top five password managers that run on Windows 10.
https://www.securityevaluators.com/casestudies/password-manager-hacking/

InfoSec Week 49, 2018

Apple included support for the Web Authentication API in the latest Safari Technology Preview, Release 71. As implemented, the new Web Authentication support works with USB-based CTAP2 devices.
https://webkit.org/blog/8517/release-notes-for-safari-technology-preview-71/

A critical Kubernetes privilege escalation bug (CVE-2018-1002105) was found and patched this week. When exploited, the bug allows anonymous as well as authenticated users to gain admin privileges over the cluster API.
An exploit has already been published on GitHub.
https://gravitational.com/blog/kubernetes-websocket-upgrade-security-vulnerability/
https://github.com/evict/poc_CVE-2018-1002105

British Telecom will not use Huawei's 5G kit within the core of the network due to security concerns.
https://www.bbc.com/news/technology-46453425

Security agencies in Australia will gain greater access to encrypted messages due to new legislation.
https://mobile.abc.net.au/news/2018-12-06/labor-backdown-federal-government-to-pass-greater-surveillance/10591944

US National Security Archive published a complete index of all 1504 items in the declassified collection of NSA internal Cryptolog periodical.
https://nsarchive.gwu.edu/briefing-book/cyber-vault/2018-12-04/cyber-brief-cryptolog

Security researchers released attacks on 7 TLS implementations, making use of Bleichenbacher's and Manger's attacks.
The research, titled "The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations", also includes a TLS 1.3 downgrade attack.
http://cat.eyalro.net/

Ransomware infected 100k computers in China, demands WeChat payment, and uses XOR as its "encryption". The author was probably identified because he registered the domain in his own name.
https://movaxbx.ru/2018/12/05/ransomware-infects-100k-pcs-in-china-demands-wechat-payment/

It looks like the 13-year-old Virut botnet has been resurrected in the wild.
https://chrisdietri.ch/post/virut-resurrects/

A great blog post on how a guy scammed a scammer into sending him a photo of his ID.
https://medium.com/@hackerfantastic/scamming-the-scammers-2fb934099ccc

Nearly 250 pages of internal Facebook documents, emails and statistics were posted online by the UK Parliament.
https://motherboard.vice.com/en_us/article/59vwez/nearly-250-pages-of-devastating-internal-facebook-documents-posted-online-by-uk-parliament

User data of the question-and-answer website Quora was compromised.
https://help.quora.com/hc/en-us/articles/360020212652

The records of 500 million customers of the Marriott International hotel group were compromised.
https://www.bbc.com/news/technology-46401890

An interesting revisited paper: "From Keys to Databases -- Real-World Applications of Secure Multi-Party Computation."
https://eprint.iacr.org/2018/450

GTRS is a tool that uses Google Translate as a proxy to send arbitrary commands to an infected machine.
https://github.com/mthbernardes/GTRS

InfoSec Week 47, 2018

The German government-issued identity card (nPA) SDK had a critical security vulnerability allowing an attacker to impersonate arbitrary users against affected web applications.
https://seclists.org/fulldisclosure/2018/Nov/56

One of the largest dark web hosting service providers was hacked using the PHP vulnerability we wrote about a week ago, and was taken offline by deleting the whole database.
More than 6,500 dark web services were hosted there, which means that literally one third of the publicly facing dark web is gone.
https://www.zdnet.com/article/popular-dark-web-hosting-provider-got-hacked-6500-sites-down/

For 30 months, internet traffic going to Australian Defense websites flowed through China Telecom's data centers due to BGP hijacking.
"How the strange routing occurred is known. But the reasons why it persisted for so long aren't, and many involved in the situation aren't eager to directly comment."
https://www.databreachtoday.com/did-china-spy-on-australian-defense-websites-a-11714

The Computer Emergency Response Team of Ukraine (CERT-UA) and the Foreign Intelligence Service of Ukraine detected new malware, the Pterodo Windows backdoor, that was targeting computers at Ukrainian government agencies.
https://hackercombat.com/new-pterodo-backdoor-malware-detected-by-ukraine/

The US government is persuading wireless and internet providers in allied countries to avoid telecommunications equipment from Chinese company Huawei.
https://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=12165136

Mozilla published a blog post about their concerns regarding the EU Terrorist Content Regulation.
https://blog.mozilla.org/netpolicy/2018/11/21/the-eu-terrorist-content-regulation-a-threat-to-the-ecosystem-and-our-users-rights/

Security researcher TinkerSec published a great story on Twitter about his insider penetration testing assignment. A really good read; he got busted.
https://threader.app/thread/1063423110513418240

The VUSec security group published the ECCploit paper and an article demonstrating Rowhammer bit-flip exploits on Error-Correcting Code (ECC) enabled systems.
https://www.vusec.net/projects/eccploit/

The Cryptocat author, security researcher Nadim Kobeissi, published a paper on ProtonMail's encryption, "An Analysis of the ProtonMail Cryptographic Architecture".
https://eprint.iacr.org/2018/1121

MiSafes' Kids Watcher child-tracking smartwatches can be compromised, and children can be tracked.
https://www.pentestpartners.com/security-blog/tracking-and-snooping-on-a-million-kids/

Zydis is the ultimate, open-source X86 & X86-64 decoder/disassembler library.
https://github.com/zyantific/zydis