RAMBleed, a new side-channel attack enables attackers to read memory not belonging to them

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

A new side-channel attack named RAMBleed, which enables an attacker to read out physical memory belonging to other processes, has been published.

RAMBleed, based on a previous side channel called Rowhammer, violates arbitrary privilege boundaries. The implications are numerous and vary in severity depending on the other software running on the target machine. The researchers demonstrated an attack against OpenSSH in which they used RAMBleed to leak a 2048-bit RSA key, but the exploit can read other data as well.

“It is widely assumed however, that bit flips within the adversary’s own private memory have no security implications, as the attacker can already modify its private memory via regular write operations. We demonstrate that this assumption is incorrect, by employing Rowhammer as a read side channel.” reads the research paper. “More specifically, we show how an unprivileged attacker can exploit the data dependence between Rowhammer induced bit flips and the bits in nearby rows to deduce these bits, including values belonging to other processes and the kernel.”

Top 5 Security News

Malformed Certs make DoS on any Windows servers possible

GoldBrute bot-net brute forcing 1.5 million RDP servers

Arbitrary OS command execution vulnerability found in VIM and Neovim

The Return of the WIZard: RCE in Exim (CVE-2019-10149)

BSides Oslo 2019 conference videos published on YouTube

2.3B Files Exposed in a Year: A New Record for Misconfigs

Amazon S3 cloud bucket misconfigurations, however, have dropped dramatically.

The last 12 months have seen the exposure of a record 2.3 billion files across cloud databases and online shares, according to an analysis released on Thursday.

A report from Digital Shadows’ Photon Research Team, Too Much Information: The Sequel, assessed the scale of inadvertent global data exposure. The 2.3 billion number represents an increase of more than 750 million files since 2018, an annual increase of more than 50 percent.

The team’s research revealed that about half of the customer data (1.071 billion files, including personal demographic information, passport scans and bank statements, job applications, personal photos, credentials for business networks and more) was exposed via the Server Message Block (SMB) protocol, a technology for sharing files first designed in 1983.

Top 5 Security News

A million devices still vulnerable to ‘wormable’ RDP hole

WordPress Slick Popup Plugin Contains Vulnerable Support Backdoor

Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware

AI, the Mandatory Element of 5G Mobile Security

HiddenWasp Malware Stings Targeted Linux Systems

Secretary General gives keynote speech on NATO’s adaption to cyber threats

“Cyber attacks are becoming more frequent, more complex and more destructive. From low-level attempts to technologically sophisticated attacks. They come from states, and non-state actors. From close to home and from very far away. And they affect each and every one of us.” said the NATO Secretary General Jens Stoltenberg at the Cyber Defence Pledge Conference, London yesterday.

Top 5 Security News

UK provided evidence to 16 NATO allies of Russia hacking campaigns

Core Elastic Stack Security Features Now Available For Free Users As Well

Google Stored G Suite Users’ Passwords in Plain-Text for 14 Years

Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours

Tor Browser for Android is available through the Play Store

New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors, which impacts all modern chips, including the chips used in Apple devices.
After the discovery early last year of the Spectre and Meltdown processor vulnerabilities, which put practically every computer in the world at risk, different classes of Spectre and Meltdown variations have surfaced again and again.

Top 5 Security News

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Severe Linux kernel flaw found in RDS

Thrangrycat

Security Updates Released for Adobe Flash Player, Reader, and Media Encoder

WhatsApp flaw used to install spyware by simply calling the target

New Initiative Aims to Fast-Track Women into Cybersecurity Careers

A new professional development initiative will give 100 women the opportunity to revamp their careers and prepare for new roles in cybersecurity in only 100 days…

Top 5 Security News

What’s Behind the Wolters Kluwer Tax Outage?

Avoid a Security Endgame: Learn About the Latest “Avengers” Scam

Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover

Turla LightNeuron: An email too far

Hackers steal US$41 million worth of Bitcoin from cryptocurrency exchange

Windows Zero-Day Emerges in Active Exploits

A just-patched vulnerability in the Windows operating system that was unknown until last week is being actively exploited in the wild; it opens the door to full system takeover.

Discovered by Vasily Berdnikov and Boris Larin of Kaspersky Lab on St. Patrick’s Day this year, the flaw (CVE-2019-0859) is a use-after-free issue in the Windows kernel that allows local privilege escalation (LPE). It’s being used in advanced persistent threat (APT) campaigns, the researchers said, targeting 64-bit versions of Windows (from Windows 7 to older builds of Windows 10).

Top 5 Security News

This DDoS Attack Unleashed the Most Packets Per Second Ever. Here’s Why That’s Important.

DNS Hijacking Abuses Trust In Core Internet Service

OEM Presentation Platform Vulnerabilities

TinyPOS: Handcrafted Malware in Assembly Code

World Password Day – what (NOT!) to do

The strengths and weaknesses of different VPN protocols

VPN history starts back in 1996, when a Microsoft employee started developing the Peer to Peer Tunneling Protocol (PPTP). In 1999, the specification was published.

Since then, VPN protocol technology has evolved and, at the moment, there are five widely used VPN protocols.

A breakdown of these five VPN protocols complete with their pros and cons is key to understanding VPN protocols in depth.

Top 5 Security News

‘Highly Critical’ Unpatched Zero-Day Flaw Discovered In Oracle WebLogic

DNS over HTTPS is coming whether ISPs and governments like it or not

‘Karkoff’ Is the New ‘DNSpionage’ With Selective Targeting Strategy

Source Code for CARBANAK Banking Malware Found On VirusTotal

Britain ‘Approves’ Huawei role in building ‘non-core’ parts for 5G Network

Microsoft confirms Outlook.com and Hotmail accounts were breached

Between 1 January and 28 March this year hackers were able to access a “limited number” of consumer Outlook.com, Hotmail and MSN Mail email accounts, Microsoft has confirmed.

Top 5 Security News

Creator of Hub for Stolen Credit Cards Sentenced to 90 Months

Wipro Intruders Targeted Other Major IT Firms

Facebook: Yeah, we hoovered up 1.5 million email address books without permission. But it was an accident!

Weather Channel Knocked Off-Air in Dangerous Precedent

Are our infrastructures secure?

Bug-hunters punch huge holes in WPA3 standard for Wi-Fi security

Researchers have detailed a set of side-channel and downgrade attacks that potentially allow an attacker to compromise Wi-Fi networks equipped with WPA3 protection.

Top 5 Security News

WordPress Urges Users to Uninstall Yuzo Plugin After Flaw Exploited

Google launches new security tools for G Suite users

Credential-stuffing attacks behind 30 billion login attempts in 2018

Android 7.0+ Phones Can Now Double as Google Security Keys

The right way to do AI in security

540 Million Facebook User Records Found On Unprotected Amazon Servers

It’s been a bad week for Facebook users.
First, the social media company was caught asking some of its new users to share passwords for their registered email accounts and now…

…the bad week gets worse with a new privacy breach.

More than half a billion records of millions of Facebook users have been found exposed on unprotected Amazon cloud servers.
The exposed datasets do not come directly from Facebook; instead, they were collected and insecurely stored online by third-party Facebook app developers.

Top 5 Security News

Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution

CARPE (DIEM): CVE-2019-0211 Apache Root Privilege Escalation

Windows 10 Insider Build 18362.30 Released to Fix Boot Breaking Bug

Cisco Fixed Routers Vulnerabilities that Allows Hackers to Run Remote Code with Root Access

Privacy Is Just the First Step, the Goal Is Data Ownership