This Week in Security News – February 4th, 2022

This Week in Security News – February 4th, 2022

Read on:  The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It An earlier version of an out-of-bounds (OOB) vulnerability in Samba was disclosed via Trend Micro Zero Day Initiative’s (ZDI) Pwn2Own Austin 2021. While we have not seen any active attacks exploiting this vulnerability, CVE-2021-44142 received a CVSS rating of 9.9 out of the three variants reported. If abused, this security gap can be used by remote attackers to execute arbitrary code as…

Read More

The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It

The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It

An earlier version of an out-of-bounds (OOB) vulnerability in Samba was disclosed via Trend Micro Zero Day Initiative’s (ZDI) Pwn2Own Austin 2021. ZDI looked further into the security gap and found more variants of the vulnerability after the event and subsequently disclosed the findings to the company. While we have not seen any active attacks exploiting this vulnerability, CVE-2021-44142 received a CVSS rating of 9.9 out of the three variants reported. If abused, this security…

Read More

Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems

Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems

By measuring the exposure of DDS services, in one month we found 643 distinct public-facing DDS services in 34 countries affecting 100 organizations via 89 internet service providers (ISPs). Of the DDS implementations by seven distinct vendors (one of which we were initially unaware of), 202 leaked private IP addresses (referring to internal network architecture details), and seven supposedly secret URLs. Some of these IP addresses expose unpatched or outdated DDS implementations, which are affected…

Read More

This Week in Security News – January 21, 2022

This Week in Security News – February 4th, 2022

Read on: Cybersecurity for Industrial Control Systems: Part 1 In this two-part series, Trend Micro looks at cybersecurity threats that affected industrial control systems endpoints and shares insights and recommendations to mitigate such threats. Trend Micro’s expert team extensively studied reported malware families in ICS endpoints to validate ICS security and establish a global baseline for examining threats that put these systems at risk. CISA Urges US Orgs to Prepare for Data-Wiping Cyberattacks Ukraine government…

Read More

Defending Users’ NAS Devices From Evolving Threats

Defending Users’ NAS Devices From Evolving Threats

Defending Users’ NAS Devices From Evolving Threats In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices. By: Stephen Hilt, Fernando Merces January 20, 2022 Read time:  ( words) Threats to the internet of things (IoT) continue to evolve as users and businesses grow increasingly reliant on these tools for constant connectivity, access to information and data, and workflow continuity. Cybercriminals have taken notice of this dependence and now…

Read More

Analyzing an Old Bug and Discovering CVE-2021-30995

Analyzing an Old Bug and Discovering CVE-2021-30995

On April 26, 2021 Apple patched CVE-2021-1740, which was a vulnerable function inside the system daemon process cfprefsd (these types of processes usually run in the background and handle system tasks). The bug could have been exploited to read arbitrary files, write arbitrary files, and get root privilege escalation. It was addressed in Apple’s Security Update 2021-002 (Catalina) for a variety of Apple operating systems, including iOS and macOS. However, in early August 2021, Zhipeng…

Read More

LoRaWAN’s Protocol Stacks: The Forgotten Targets at Risk

LoRaWAN’s Protocol Stacks: The Forgotten Targets at Risk

First, we compiled the code into something easily handled by a fuzzer. For our purposes, we used the generation method that will allow us to cover as many code paths as possible with legitimate and dumb fuzzing using the AFL++ framework (evolution of AFL). This supplies some instrumentation for mutating pseudorandom bits, bytes, and words. We also attempted to collect every type of message that could be interpreted by the parser. We used the persistent…

Read More

This Week in Security News – January 7, 2022

This Week in Security News – February 4th, 2022

Read on: Are Endpoints at Risk for Log4Shell Attacks The end of 2021 saw the emergence of the Log4Shell (CVE-2021-44228) vulnerability, a critical vulnerability in the ubiquitous Java logging package Apache Log4j. Exploiting Log4Shell via crafted log messages can allow an attacker to execute code on remote machines. The potential impact of this vulnerability is great enough that it scores a 10.0 rating based on CVSS version 3.x and a 9.3 rating based on CVSS…

Read More

Examining Log4j Vulnerabilities in Connected Cars and Charging Stations

Examining Log4j Vulnerabilities in Connected Cars and Charging Stations

Evidence of attacks using the Log4j vulnerability was also shown in a test that triggered a bug on a Tesla car. For this case, the source does not provide much information on where it was actually executed. Nevertheless, this means that the exploitation of the vulnerability could still have an impact on the user’s privacy and the general security of the car because a back-end compromise could allow attackers to push actions to the car…

Read More

The Log4j story, and how it has impacted our customers

The Log4j story, and how it has impacted our customers

The security research community had been expecting something like this to come along for a while. So it was with a sense of dread that we read news of a newly discovered CVSS 10.0 vulnerability in early December. The impact is already being felt around the globe as threat actors scramble to exploit the bug before defenders can apply their patches. It is a story that could take months or even years to play out….

Read More
1 5 6 7 8 9