Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label VPNS.. Show all posts

Flaw in Palo Alto VPN Solution Puts Uber and Other Enterprises at Risk




A critical vulnerability has been discovered in Palo Alto GlobalProtect SSL VPN software, the bug, somewhat unusual and is apparently said to be utilized by big enterprise companies over the globe, including the 'ride-hailing platform' Uber.

Used to make secure channels and Virtual Private Network (VPN) tunnels for remote workers - however was discreetly existing in more established adaptations i.e. the older adaptations, the bug has been fixed with the release of recent solutions.

Researchers depict the bug as format string vulnerability in the PAN SSL Gateway, which handles clients/server SSL handshakes.

The issue lies in how the gateway handles specific value parameters without legitimate sanitization, and an attacker sending a 'crafted request' to a vulnerable SSL VPN target is sufficient to trigger an exploit easily.

As per Palo Alto's security advisory, ‘the remote code execution flaw, tracked as CVE-2019-1579, is present in GlobalProtect portal and GlobalProtect Gateway products…’
The vulnerability in old renditions of the product was first discovered and revealed by Devcore researchers Orange Tsai and Meh Chang in a blog entry just a week ago, a further examination found that there was no assigned CVE.

The "silent fix" RCE was not replicable on the most recent rendition of GlobalProtect, regardless of the success with the older variations.

After investigation and exploring a bit the researchers revealed just about 22 Uber-owned servers utilizing a vulnerable version of GlobalProtect.

Nevertheless Uber tackled the issue as soon as it was made aware of it and further clarified that, “Palo Alto SSL VPN was not the primary VPN in use by the majority of staff members, and the software was hosted in AWS rather than embedded within core infrastructure and so the potential impacted was deemed ‘low’...”
A partial proof-of-concept (PoC) has likewise been released after the discoveries provoked Palo Alto to publish a warning and the vulnerability's CVE was then assigned.

Indeed, even after Uber's potential exposure may have been low as the older software was facilitated in AWS, yet that does not mean other enterprises and companies may not be vulnerable. It is therefore, prescribed that users update to a much recent version as fast as they could given the circumstances.

Leaked US Army Cyber Protection Brigade Memorandum appears to show Privacy Solutions compromised




The picture being referred to is a leaked picture of a memorandum on image board 4chan, complete with Department of Defence letterhead, seeming, by all accounts, to be from the United States Army’s Cyber Protection Brigade.

The posted picture displays an official document brought up on a terminal screen, on one side of which is a Common Access Card or CAC, complete with picture, conventional of a Department of Defence employee. It seems, by all accounts, to be a legitimate one, however it reeks of incredulity and skepticism. Be that as it may, it's as yet not clear with respect to why somebody would want this data leaked.

However another sensible theory can be that, there might be some sort of involvement of the cryptocommunity. Nevertheless an extraordinary method to constrain utilization of privacy solutions is to convey into the environment rumours about their being anything but, a sort of scheming way of spreading trepidation, uncertainty and doubt.

 “The success we have had with Tor, I2P, and VPN, cannot be replicated with those currencies that do not rely on nodes. There is a growing trend in the employment of Stealth addresses and ring signatures that will require additional R&D.” reads the document.

the memo's first line uncovers a unit required with the National Security Administration (NSA) and Cyber Protection Team (CPT) encouraging all the more financing for "new contracts and extra subsidizing to meet GWOT and drug interdiction targets aimed in July's Command update brief," Global War On Terror (GWOT) being a go-to pretext for about two decades of obtrusive military and law enforcement action.

“In order to put the CPT back on track, we need to identify and employ additional personnel who are familiar with the Crypto Note code available for use in anonymous currencies,” the memo stressed.
Crypto Note which is likewise the application layer for privacy tokens, for example, Bytecoin (BCN), Monero (XMR), utilizes a memory bound function which is hard to pipeline, that the pertinent agencies entrusted with monitoring and tracking internet solutions, and now coins, needs outside help with Crypto Note may say a lot about where the different government divisions are in terms of their security keenness.

The picture was distributed among Steemit, Veekly, and even Warosu exactly five months back, yet outlets, for example, Deep Dot Web may claim to have broken news. The document but is as yet worth dissecting, assuming its legitimacy.


As far as concerns its, Deep Dot Web claims to have contacted "a Monero developer, who spoke on state of obscurity," and the dev "said that the vast majority of the Monero engineers who have seen the leak trust it to be true. A few sources who were some time ago in the Armed force have additionally said they trust the report to be genuine." Offering ascend to the way that the contents of the document do give off an impression of being totally conceivable.