
Tuesday, 12 April 2011

Warning: New Adobe Flash Flaw

--
Another month, another Adobe Flash security flaw. The following is a full quote from the most excellent SANS NewsBites Vol. 13 Number 29:
--Adobe Warns of Zero-Day Flaw in Flash
(April 11, 2011)
Adobe has issued a warning of a zero-day vulnerability in Flash Player that is being actively exploited in targeted attacks. The vulnerability can be used to take control of computers or to cause them to crash.  The attack is spreading as a Flash (.swf) file embedded in a Microsoft Word (.doc) file that arrives as an attachment.  Adobe did not say when a patch will be available.
Internet Storm Center:
http://isc.sans.edu/diary/Yet+another+Adobe+Flash+Reader+Acrobat+0+day/10696
http://news.cnet.com/8301-27080_3-20052894-245.html?tag=mncol;title
http://www.zdnet.com/blog/security/adobe-warns-of-new-flash-player-zero-day-attack/8524
http://www.computerworld.com/s/article/921572/Adobe_confirms_critical_Flash_zero_day_bug
[Editor's Note (Ullrich): In the past, I have observed users using Flash games embedded in Excel and Word documents to bypass corporate controls to prevent users from running these games. It may be a good awareness item to note the particular danger of these embedded flash files.]
You can sign up for the SANS Institute newsletters HERE.

I've also been reading about computers being PWNed via infected PDFs and Flash embedded in Excel spreadsheets.

My advice continues to be adherence to the Rules of Computing #1 and #2:

1) Make A Backup. Every day. Two of them. One on site. One off site.

2) Verify every file and application you receive or gather off the Internet as LEGITIMATE before you open it. That means doing homework. It's worth it.

Then add to that:

A) Avoidance of automatically running anything embedded in PDFs or Excel or Word or PowerPoint presentations you receive. Make sure YOU are in control of what runs when and where. No automatic anything. Make yourself the boss of your computer. The LUSER Factor remains a large problem for all of us. But we humans have a lot better scrutiny than a brainless computer program.

B) Don't Use Flash! Or at the very least use one of the many great utilities to stop Flash from running until YOU decide you want to run it. Also use utilities that KILL Flash cookies. These utilities include: the Safari Cookies extension, ClickToFlash, the Flashblock add-on for Firefox, the NoScript add-on for Firefox, and the FlashFrozen application.
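The delivery path in the SANS item above, a Flash (.swf) file inside a Word (.doc) attachment, is something Rule #2 and item A can check for before a file is opened. The following Python is an added example, not part of the original post: it scans a file's raw bytes for plausible SWF headers, and the function names, the version ceiling and the constructed sample bytes are assumptions made for illustration.

```python
import struct
import zlib

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container
ZIP_MAGIC = b"PK\x03\x04"                       # .docx/.xlsx: parts are deflated

def container_kind(data):
    if data.startswith(OLE_MAGIC):
        return "ole2"
    if data.startswith(ZIP_MAGIC):
        return "zip"  # unpack the archive first; a raw scan misses its content
    return "unknown"

def _body_ok(magic, data, pos, length):
    if magic == b"FWS":
        # Uncompressed SWF: the declared total length must fit inside the file.
        return pos + length <= len(data)
    # CWS: the bytes after the 8-byte header must start a valid zlib stream.
    chunk = data[pos + 8:pos + 72]
    if len(chunk) < 2:
        return False
    try:
        zlib.decompressobj().decompress(chunk, 16)
        return True
    except zlib.error:
        return False

def find_embedded_swf(data, max_version=50):
    """Return sorted (offset, kind, version, declared_length) tuples."""
    hits = []
    for magic in (b"FWS", b"CWS"):
        pos = data.find(magic)
        while pos != -1:
            header = data[pos:pos + 8]
            if len(header) == 8:
                version = header[3]
                (length,) = struct.unpack("<I", header[4:8])
                if (1 <= version <= max_version and length >= 8
                        and _body_ok(magic, data, pos, length)):
                    hits.append((pos, magic.decode(), version, length))
            pos = data.find(magic, pos + 1)
    return sorted(hits)

def build_sample():
    """Constructed input: OLE magic, filler, one FWS blob, decoy text, one CWS blob."""
    body = b"\x00" * 24
    hdr = bytes([10]) + struct.pack("<I", 8 + len(body))
    return (OLE_MAGIC + b"A" * 504 + b"FWS" + hdr + body
            + b"text FWS in prose " + b"CWS" + hdr + zlib.compress(body))

if __name__ == "__main__":
    print(container_kind(build_sample()), find_embedded_swf(build_sample()))
```

A raw byte scan is a triage heuristic: a stream fragmented across OLE sectors, or one packed inside a zip-based .docx, only shows up after the container itself has been parsed.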

OF INTEREST: I read this week about a new Adobe initiative that will allow combining Flash with PHP in order to create non-Adobe Air apps for smart phones and all iOS devices. My initial response, knowing the poor security of both technologies, is OMFG. But rather than get all FUDed out, let's simply see what happens.

Stay safe. Stay secure. Laugh at the FUD. Enjoy the facts.

:-Derek
--

Tuesday, 24 August 2010

Apple Security Update 2010-005

--
Apple have released FOUR versions of Security Update 2010-005. The versions are linked below:

Mac OS X Snow Leopard Client - 80.63 MB

Mac OS X Snow Leopard Server - 136.86 MB

Mac OS X Leopard Client - 211.88 MB

Mac OS X Leopard Server - 418.92 MB

The general downloads page can be found HERE.

You can read about the security patches HERE.

My quick summary:

There are 8 security patches.

-> 2 PHP patches: One patches a buffer overflow vulnerability triggered by maliciously crafted PNG image files. The other updates PHP to version 5.3.2, which itself fixes a variety of security issues, including further buffer overflow vulnerabilities.

-> 1 Samba patch: A buffer overflow...

-> 1 Apple Type Services (ATS) patch: A vulnerability to maliciously crafted embedded fonts due to a buffer overflow...

-> 1 CFNetwork patch: Prevents a man-in-the-middle attack that could redirect network connections and intercept a user's sensitive information such as their user credentials.

-> 1 ClamAV patch: Updates the versions of ClamAV in Mac OS X Server 10.5 and 10.6 to version 0.96.1, solving multiple vulnerabilities.

-> 1 CoreGraphics patch: A heap buffer overflow due to maliciously crafted PDF files. (Presumably this is related to a similar problem in iOS v4.0).

-> 1 libsecurity patch: Improves the handling of certificate host names, preventing a website impersonation attack.
--

Saturday, 25 July 2009

Mac Attacks @ Black Hat USA 2009

--
BWAHAHAHA!

It's time for the second Black Hat Technical Security Conference of the year, this one being held in Las Vegas, NV. Where else! I wonder how much money casinos will lose to participants after hours.

The conference runs July 25 through July 30. I'll be keeping an eye on Mac-related revelry. Here are a couple of announced Mac security events, researched and presented of course by two of our greatest Mac hackers, Dino Dai Zovi and Dr. Charlie Miller. My anti-heroes. *sw00n*
DINO DAI ZOVI

Advanced Mac OS X Rootkits

The Mac OS X kernel (xnu) is a hybrid BSD and Mach kernel. While Unix-oriented rootkit techniques are pretty well known, Mach-based rootkit techniques have not been as thoroughly publicly explored. This presentation will cover a variety of rootkit techniques for both user-space and kernel-space rootkits using unique and poorly understood or documented Mac OS X and Mach features.

Macsploitation with Metasploit

While Metasploit has had a number of Mac exploits for several years, the exploit payloads available have done little more than give a remote shell. These payloads are significantly simpler than the DLL-injection based payloads for Windows-based targets like the Meterpreter and VNC Inject payloads. This talk will cover the development and use of the fancier Metasploit Mac payloads developed by Dino Dai Zovi (the presenter) and Charlie Miller, including bundle injection, iSight photo capture, and Macterpreter.
Here is Dino's bio from the site:
Dino Dai Zovi
Endgame Systems

Dino Dai Zovi has been working in information security for over 9 years with experience in red teaming, penetration testing, and software security assessments at Sandia National Laboratories, @stake, and Matasano Security. Mr. Dai Zovi is also a regular speaker at information security conferences including presentations of his research on MacOS X security, hardware virtualization assisted rootkits using Intel VT-x, 802.11 wireless client security, and offensive security techniques at BlackHat USA, Microsoft BlueHat, CanSecWest, the USENIX Workshop on Offensive Technology, and DEFCON. He is a co-author of "The Mac Hacker's Handbook" (Wiley 2008) and "The Art of Software Security Testing" (Addison-Wesley Professional 2006). He is perhaps best known in the information security and Mac communities for discovering the vulnerability and writing the exploit to win the first PWN2OWN contest at CanSecWest 2007.
Also featured is a talk by Kostya Kortchinsky on how to use breakout vulnerabilities in VMware virtualization software for Mac to hack into the host machine. And that's bad. Kostya works in France and is infamous for being first to exploit announced Microsoft vulnerabilities.

Some other somewhat Mac relevant subjects that will be presented:
  • BitTorrent Hacks - Michael Brooks and David Aslanian
  • Reversing and Exploiting an Apple® Firmware Update [for an Apple aluminum keyboard] - K. Chen
And of course an array of new PHP and SQL vulnerability hacks. What, no Microsoft exploits? There's no fooling you! Of course there are! And let's not forget exploitation of ye olde Intel® BIOS, Oracle, parking meters, iPhones, routers, and the US federal government. Included is an in-depth discussion of the Windows worm of the year, Conficker. The favorite subject this year appears to be rootkits. The Pwnie Awards will be announced July 29th. There's fun for everyone.
--
