Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Application Vulnerability. Show all posts
Tech Giant
Application Vulnerability Mobile Security Phone Alarm Social Media Tech Giant

Apple Working to Patch Alarming iPhone Issue

 

Apple claims to be working rapidly to resolve an issue that resulted in some iPhone alarms not setting off, allowing its sleeping users to have an unexpected lie-in. 

Many people rely on their phones as alarm clocks, and some oversleepers took to social media to gripe. A Tiktokker expressed dissatisfaction at setting "like five alarms" that failed to go off. 

Apple has stated that it is aware of the issue at hand, but has yet to explain what it believes is causing it or how users may avoid a late start. 

It's also unknown how many people are affected or if the issue is limited to specific iPhone models. The news was first made public by the early risers on NBC's Today Show, which sparked concerns. 

In the absence of an official solution, those who are losing sleep over the issue can try a few simple fixes. One is to prevent human error; therefore, double-check the phone's alarm settings and make sure the volume is turned up. 

Others pointed the finger at Apple designers, claiming that a flaw in the iPhones' "attention aware features" could be to blame.

When enabled, they allow an iPhone to detect whether a user is paying attention to their device and, if so, to automatically take action, such as lowering the volume of alerts, including alarms. 

According to Apple, they are compatible with the iPhone X and later, as well as the iPad Pro 11-inch and iPad Pro 12.9-inch. Some TikTok users speculated that if a slumbering user's face was oriented towards the screen of a bedside iPhone, depending on the phone's settings, the functionalities may be activated. 

Apple said it intends to resolve the issue quickly. But, until then, its time zone-spanning consumer base may need to dust off some old gear and replace TikTok with the more traditional - but trustworthy - tick-tock of an alarm clock.
Read more »
Threat actors
Application Vulnerability Cyber Attacks cyber threat SAP Threat actors

Active Cyber Attacks on Mission-Critical SAP Apps

 

Security researchers are warning about the arrival of attacks targeting SAP enterprise applications that have not been updated to address vulnerabilities for which patches are available, or that utilize accounts with weak or default passwords. 

Over 400,000 organizations worldwide and 92% of Forbes Global 2000 use SAP's enterprise apps for supply chain management, enterprise resource planning, product lifecycle management, and customer relationship management.

According to a study released jointly by SAP and Onapsis, threat actors launched at least 300 successful attacks on unprotected SAP instances beginning in mid-2020. Six vulnerabilities have been exploited, some of which can provide complete control over unsecured applications. Even though SAP had released fixes for all of these flaws, the targeted companies had not installed them or were using unsecured SAP user accounts. 

"We're releasing the research Onapsis has shared with SAP as part of our commitment to help our customers ensure their mission-critical applications are protected," Tim McKnight, SAP Chief Security Officer, said. 

"This includes applying available patches, thoroughly reviewing the security configuration of their SAP environments, and proactively assessing them for signs of compromise." Researchers also observed attackers targeting six flaws, these flaws, if exploited, can be used for lateral movement across the business network to compromise other systems. 

The threat actors behind these attacks have exploited multiple security vulnerabilities and insecure configurations in SAP applications in attempts to breach the targets' systems. In addition, some of them have also been observed while chaining several vulnerabilities in their attacks to "maximize impact and potential damage."

According to an alert issued by CISA, organizations impacted by these attacks could experience, theft of sensitive data, financial fraud, disruption of mission-critical business processes, ransomware, and halt of all operations. 

Patching vulnerable SAP systems should be a priority for all defenders since Onapsis also found that attackers start targeting critical SAP vulnerabilities within less than 72 hours, with exposed and unpatched SAP apps getting compromised in less than three hours. 

Both SAP and Onapsis recommended organizations to protect themselves from these attacks by immediately performing a compromise assessment on SAP applications that are still exposed to the targeted flaws, with internet-facing SAP applications being prioritized. 

Also, companies should assess all applications in the SAP environment for risk as soon as possible and apply the relevant SAP security patches and secure configurations; and assess SAP applications to uncover any misconfigured high-privilege user accounts.

"The critical findings noted in our report describe attacks on vulnerabilities with patches and secure configuration guidelines available for months and even years," said Onapsis CEO Mariano Nunez.

"Companies that have not prioritized rapid mitigation for these known risks should consider their systems compromised and take immediate and appropriate action" Nunez added.
Read more »
SoftMaker Office
Application Vulnerability Cisco Talos malware SoftMaker Office

Cisco Talos Researchers Discovered Multiple Susceptibilities in SoftMaker Office TextMaker

 

Cisco Talos researchers exposed multiple vulnerabilities in SoftMaker Office TextMaker that can be exploited by cyber attackers. These vulnerabilities in SoftMaker office can be exploited for arbitrary code execution by generating malicious documents and deceiving victims into opening them. 

SoftMaker Office TextMaker is a German-based software developer; it has various suites like a spreadsheet, word processing, presentation, and database software components, and all these well-liked software suites are presented to individuals and enterprises. The common and internal document file formats also acquire the support of the SoftMaker office suite. 

The foremost issue is a sign extension bug, CVE-2020-13544 which influences the document-analyzing functionality of SoftMaker Office TextMaker 2021 and the subsequent vulnerability has been traced as CVE-2020-13545 which is a sign altering flaw in the same document-analyzing of the application. 

Cisco Talos researchers illustrated that “a specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s index being used to write outside the bounds of a heap buffer during the reading of file data”. A heap-based memory can be corrupted by an attacker who can adeptly design a document which can lead to the document analyzer. 

The document analyzer can misjudge the length while assigning a buffer which will lead the application to be written outside the bounds of the buffer. Traced as CVE-2020-13546, the flaw is detected to affect the SoftMaker Office 2021 by integer overflow susceptibility. 

SoftMaker office 2021 was evaluated with a Common Vulnerability Scoring System (CVSS) of 8.8 and now all three vulnerabilities are secured. The most threatening issue was that the attacker can exploit the loophole in the SoftMaker office in 2021 from any remote location.
Read more »
KNOB
Application Vulnerability Bluetooth Flaw Bluetooth-enabled devices KNOB

Security flaw in Bluetooth-enabled devices






A group of security researchers at the Center for IT-Security, Privacy, and Accountability (CISPA) found a flaw that could affect billions of Bluetooth-enabled devices, which includes smartphones, laptops, smart IoT devices, and other devices.

The experts named the vulnerability as CVE-2019-9506 and they tagged it as a KNOB (Key Negotiation of Bluetooth).

According to the researchers, the flaw in Bluetooth’s authentication protocols enables hackers to compromise the devices and spy on data transmitted between the two devices. The astonishing fact about the flaw is that the hackers could exploit this vulnerability even though the devices had been paired before.

However, the KNOB’s official website, every standard-compliant Bluetooth device could be exploited. “We conducted KNOB attacks on more than 17 unique Bluetooth chips (by attacking 24 different devices). At the time of writing, we were able to test chips from Broadcom, Qualcomm, Apple, Intel, and Chicony manufacturers. All devices that we tested were vulnerable to the KNOB attack,” it reads.

Bluetooth SIG has issued a security notice regarding the vulnerability.

  • Conditions for a successful attack:
  • Both the devices have to be vulnerable
  • Both the devices have to be within the range establishing a BR/EDR connection. If any of the devices are not affected by the vulnerability, the attack wouldn’t work
  • Direct transmissions between devices while pairing has to be blocked
  • Existing connections won’t lead to a successful attack — it has to be done during negotiation or renegotiation of a paired device connection


Bluetooth  SIG has started working on updating a remedy for the flaw. 
Read more »
Networks Breached
Application Vulnerability Darkweb hackers DHCP. Hacker Network Attacks Networks Breached

Vulnerability in DHCP client let hackers take control of network

A critical remote code execution vulnerability that resides in the DHCP client allows attackers to take control of the system by sending malicious DHCP reply packets.

A Dynamic Host Configuration Protocol (DHCP) Client allows a device to act as a host requesting-configuration parameter, such as an IP address from a DHCP server and the DHCP client can be configured on Ethernet interfaces.

In order to join a client to the network, the packer required to have all the TCP/IP configuration information during DHCP Offer and DHCP Ack.

DHCP protocol works as a client-server model, and it is responsible to dynamically allocate the IP address if the user connects with internet also the DHCP server will be responsible for distributing the IP address to the DHCP client.

This vulnerability will execution the remote code on the system that connected with vulnerable DHCP client that tries to connect with a rogue DHCP server.

Vulnerability Details The remote code execution vulnerability exactly resides in the function of dhcpcore.dll called “DecodeDomainSearchListData” which is responsible for decodes the encoded search list option field value.

During the decoding process, the length of the decoded domain name list will be calculated by the function and allocate the memory and copy the decoded list.

According to McAfee research, A malicious user can create an encoded search list, such that when DecodeDomainSearchListData function decodes, the resulting length is zero. This will lead to heapalloc with zero memory, resulting in an out-of-bound write.

The vulnerability has been patched, and it can be tracked as CVE-2019-0547, The patch includes a check which ensures the size argument to HeapAlloc is not zero. If zero, the function exits.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.
Read more »
Application Vulnerability
Apple Security Application Vulnerability

How the Mackeeper failed to secure Mac


Mackeeper, the program designed to keep Mac computers secure suffers from a critical remote code execution vulnerability.

This flaw lies in the lack of input validation during the handling of custom URLs by the program. It allows hackers to execute arbitrary commands with root privilege with little to no user interaction. It can happen when users visited specially crafted webpages in the Safari browser.

If the user had already provided their password to MacKeeper during normal course of operation of the program, the user will not be alerted for their password prior to the execution of the arbitrary command.

If the user did not previously authenticate, they will be prompted to enter their authentication details, however, the text that appears for the authentication dialogue can be manipulated to appear as anything, so the user might not realize the true consequences of the action.

The vulnerability, quite possibly a zero-day one was discovered by security researcher Braden Thomas who released a demonstration link as proof-of-concept (POC) through which the Mackeeper program was automatically un-installed upon simply clicking the external link. 

Mackeeper is a controversial program amongst the Mac users owing to its pop-up and advertisements, but apparently has 20 million downloads worldwide.

The vulnerability existed even in  the latest version 3.4. The company has advised users to run Mackeeper update tracker and install 3.4.1 or later. For users who have not updated, they can use a browser other than Safari or remove the custom URL scheme handler from Mackeeper's info.plist file.
Read more »
Vulnerability
Application Vulnerability directory traversal vulnerability VMware View directory traversal vulnerability Vmware vulnerability Vulnerability

VMware Patches critical directory traversal vulnerability in its VMware View


VMware has patched a critical directory traversal vulnerability in its View VMWare desktop virtualization platform that could allow a hacker to access arbitrary files from affected View Servers.

The vulnerability affects both the View Connection Server and the View Security Server. The vulnerability was discovered by Digital Defense, a security service provider.

According to VMware advisory, the affected versions are View 5.x prior to 5.1.2 and 4.x prior to 4.6.2. Users are advised to upgrade to the latest version.

Users who are unable to immediately update their View Servers are advised to "Disable security server" or "blocking directory traversal attacks with an intrusion detection/prevention system or an application firewall".
Read more »
Vulnerability
Application Vulnerability Vulnerability

CVE-2012-4170 : Adobe fixes Buffer Overflow Vulnerability in Photoshop


Adobe has released an update to Photoshop CS6 with version 13.0.1. This update closes a critical Remote Buffer overflow vulnerability in the PNG Image Processing.

Francis Provencher has discovered a vulnerability in Adobe Photoshop CS6, which can be exploited by malicious people to compromise a user's system.

According to Secunia advisory, The vulnerability is caused due to a boundary error in the "Standard MultiPlugin.8BF" module when processing a Portable Network Graphics (PNG) image. This can be exploited to cause a heap-based buffer overflow via a specially crafted "tRNS" chunk size.

Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious image.

The vulnerability is reported in versions 13.x only for Windows and Macintosh (confirmed in 13.0 20120315.r.428 on Windows).

Users can upgrade to Photoshop CS6 13.0.1 by selecting "Updates" under the Photoshop Help menu; this will launch the Adobe Application Manager, allowing users to select and install the update.
Read more »
Subscribe to: Posts (Atom)