I came across this article written by a Greek EE student named Georgios Konstantopoulos. It was published in Hackernoon here: https://hackernoon.com/how-i-hacked-40-websites-in-7-minutes-5b4c28bc8824. It is aptly titled: “How I Hacked 40 Websites in 7 minutes”. The key takeaways here are: If content can be uploaded, take precaution to prevent any execution of data within the upload folders. This is […]
BOLO: 17-Year Old MS-Office Bug in Equation Editor
This post is worthy of a BOLO. Fixed earlier this month in the Patch Tuesday updates is a bug that has existed in all versions of Microsoft Office. This bug, CVE-2017-11882, exists in the Equation Editor, which allows users to enter mathematical formulas in Office documents. These formulas exists as OLE (Object Linking and Embedding) objects […]
Fun With Windows 10 Fall Creator’s Update (FCU)
So, I set about in October with great hopes of updating my Windows 10 boxes to the new Fall Creator’s Update. I was most interested in the enhanced security in Windows Defender. I had mixed success with the update (NOTE: #1). Here’s some of the features therein: Windows Mixed Reality When actual reality just isn’t […]
New VMware Vulnerabilities
VMware has fixed critical vulnerabilities, releasing these versions: Horizon View Client 4.6.1, Workstation Pro 12.5.8, Workstation Player 12.5.8, Fusion Pro / Fusion 8.5.9. These address issues ranging from Client O/S being able to run commands on the Host O/S, crashing Client VMs (Virtual Machines), and unprivileged users crashing their VMs. Note that Workstation 14.X and Fusion 10.X versions […]
Microsoft Security Bulletin: Quakbot and Emotet Trojans
Earlier this month, Microsoft released a security bulletin with comprehensive information about the Quakbot and Emotet Banking Trojans. They release their own variant of this malware’s Kill Chain: To guard against this problem, Microsoft has two solutions; (1) Use Advanced Threat Protection (ATP) with Office 365/Exchange Online email services, and (2) Activate the Windows Defender […]
Patch Tuesday: November 2017
Microsoft’s Patch Tuesday for this month includes 53 updates. There are four Zero-Days fixed, although no known exploits for these exist in the wild. CVE-2017-8700 (ASP.NET Core information disclosure) CVE-2017-11827 (Microsoft browser memory corruption) CVE-2017-11848 (Internet Explorer information disclosure) CVE-2017-11883 (ASP.NET Core denial of service) The Dot.Net fixes always present some challenges for business customers. […]
Intel AMT/ME, MINIX, and NSA’s HAP
MINIX (Mini-Unix) is a micro-kernel O/S based upon the AT&T’s 1979 release of Unix Version 7. It was developed by Andrew Tanenbaum in 1987 for use on PC platforms. Version 7 is significantly older than AT&T’s Unix System 5 Release 3/Release 4 variants that are the basis for most Unix, Linux, and BSD systems today. However, […]
Top Attacking Countries: October 2017
The top three countries countries are Russia, United States, and China. Russia remains at #1. China moved back up to #3. September 2017’s report can be found here.
Exploiting Virtual Machines with RAM Row-Hammer Attacks
A “Row-hammer” attack exploits a physical problem that exists in RAM where an attacker can actually cause bit-flips in DRAM memory. This has already been exploited and attacks successfully gained kernel privileges. Researchers have taken this a step further and, by exploiting a Host kernel feature known as “memory de-duplication”, can flip bits in a controller […]
BOLO: IcedID Banking Trojan/Emotet Trojan
A unique banking trojan called IcedID is hitting businesses throughout the US and Canada. In most implementations, IcedID is being bundled with another Trojan called Emotet and delivered via spam Email of infected Word documents. What makes IcedID unusual is that it propagates through a business network. It sets up a Command and Control channel […]