Security News
The AWS marketplace also includes tens of thousands of Community AMIs. "The issue is with the Community AMIs and that there are no checks and balances. Anybody can create one and put it in the Community AMI library. That includes ones with malicious executables."
Researchers are urging connected-device manufacturers to ensure they have applied patches addressing a flaw in a module used by millions of Internet-of-Things devices. "Some of these will be the vulnerable module, and an attacker will then have an assortment of phone numbers and associated code retrieved from the device at that number. By inserting backdoors into the code and writing them back, the attacker would be in control of various IoT devices around the world."
An active campaign has been spotted that utilizes HTML smuggling to deliver malware, effectively bypassing various network security solutions, including sandboxes, legacy proxies and firewalls. Krishnan Subramanian, security researcher with Menlo Security, told Threatpost that the campaign uncovered on Tuesday, dubbed "Duri," has been ongoing since July.
Emotet, a notorious email-based malware behind several botnet-driven spam campaigns and ransomware attacks, contained a flaw that allowed cybersecurity researchers to activate a kill-switch and prevent the malware from infecting systems for six months. "However, it's important to keep in mind that malware is software that can also have flaws. Just as attackers can exploit flaws in legitimate software to cause harm, defenders can also reverse-engineer malware to discover its vulnerabilities and then exploit those to defeat the malware."
Emotet, a notorious email-based malware behind several botnet-driven spam campaigns and ransomware attacks, contained a flaw that allowed cybersecurity researchers to activate a kill-switch and prevent the malware from infecting systems for six months. "However, it's important to keep in mind that malware is software that can also have flaws. Just as attackers can exploit flaws in legitimate software to cause harm, defenders can also reverse-engineer malware to discover its vulnerabilities and then exploit those to defeat the malware."
Army researchers have been awarded a patent for inventing a practical method for Army wireless devices to covertly authenticate and communicate. The researchers, including Drs. Paul Yu and Brian Sadler from the U.S. Army CCDC's Army Research Laboratory and Prof. Rick Blum and Dr. Jake Perazzone from Lehigh University, have invented a method to perform two tasks simultaneously: verifying the authenticity of wireless communications and communicating secret information.
Microsoft failed to properly address an elevation of privilege vulnerability in the Windows Local Security Authority Subsystem Service, the Google Project Zero researcher who discovered the issue says. "LSASS doesn't correctly enforce the Enterprise Authentication Capability which allows any AppContainer to perform network authentication with the user's credentials," Project Zero security researcher James Forshaw noted in May. At the time, the researcher explained that the issue is related to a legacy AppContainer capability providing access to the Security Support Provider Interface, likely meant to facilitate the installation of line of business applications within enterprise environments.
Calling a patch for the flaw a "Fail" and "Inadequate in blocking exploitation," Austin-based security researcher Amir Etemadieh published details and examples of exploit code on three developer platforms- Bash, Python and Ruby-for the patch in a post published Sunday night. The key problem with the patch issued for the zero day is related to how the vBulletin template system is structured and how it uses PHP, he wrote in the post.
Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data-and even run stealthy malware as a sub-process of a trusted application. After Ahmed privately reported the issues to Zoom in April and subsequently in July, the company issued a fix on August 3.
A team of Chinese researchers has described the analysis process that resulted in the discovery of 19 vulnerabilities in a Mercedes-Benz E-Class, including flaws that can be exploited to remotely hack a car. The researchers conducted their analysis on a real Mercedes-Benz E-Class and demonstrated how a hacker could have remotely unlocked the car's doors and started its engine.