Email Details

CUPS Linux Vulnerability 🖨️, Over 90M French Records Exposed 🇫🇷, Ireland Fines Meta 💸

A critical Linux vulnerability in the Common UNIX Printing System allows attackers to execute commands on a target computer via malicious print jobs. 

TLDR

Together With

TLDR Information Security 2024-09-30

World on the Brink: How America Can Beat China in the Race for the Twenty-First Century (Sponsor)

Rising tensions between the U.S. and China have the potential to trigger a devastating conflict between nuclear-armed nations. Can it be prevented?

Join Flashpoint's Christian Rencken for an exclusive conversation with Dmitri Alperovitch, co-founder of CrowdStrike and chairman of Silverado Policy Accelerator, a national security think tank.

On the agenda ↘️

  • Taiwan's role as a strategic flashpoint in global geopolitics.
  • The grand strategy needed to prevent a catastrophic conflict.
  • Actionable steps the U.S. and its allies can take to secure global stability.
  • By attending, you'll also have a chance to win a free copy of Dmitri Alperovitch's new book.

Register now — space is limited!

🔓

Attacks & Vulnerabilities

CUPS: A Critical 9.9 Linux Vulnerability Reviewed (3 minute read)

A critical vulnerability in the Common UNIX Printing System (CUPS) on Linux allows an attacker to execute commands on a target host via a malicious print job. Exploitation requires specific conditions: the cups-browsed service must be running and reachable by the attacker over the network on UDP port 631, and a user on the target must then print to the rogue printer that the crafted packet causes cups-browsed to add. Mitigation is to disable cups-browsed and block traffic to UDP port 631.
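
An added exposure check for the conditions above (example code, not from the linked write-up or the CUPS project). It parses the output of `ss -Hlunp` (UDP listeners with their owning process) and /etc/cups/cups-browsed.conf, and reports whether cups-browsed is bound to UDP/631 on an address reachable from off-host. The sample inputs at the bottom are constructed; the upstream default of `BrowseRemoteProtocols dnssd cups` when the directive is absent is an assumption to verify against your distribution's file.

```python
"""Exposure check for the cups-browsed issue: is UDP/631 reachable from off-host?"""
import ipaddress
import re
import subprocess

CUPS_BROWSE_PORT = 631
CONF_PATH = "/etc/cups/cups-browsed.conf"

# Local-address column of `ss -lun`: 0.0.0.0:631, [::]:631, *:631, 127.0.0.53%lo:53
_ADDR_RE = re.compile(r"^(?:\[(?P<v6>[^\]]*)\]|(?P<v4>[^:\s]+)):(?P<port>\d+)$")
_PROC_RE = re.compile(r'users:\(\("([^"]+)"')


def parse_udp_listeners(ss_output):
    """Return (address, port, process_name) tuples from `ss -Hlunp` lines such as
    'UNCONN 0 0 0.0.0.0:631 0.0.0.0:* users:(("cups-browsed",pid=812,fd=7))'.
    The process column is only shown to root, so process_name may be None."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        m = _ADDR_RE.match(fields[3])
        if not m:
            continue
        addr = m.group("v4") if m.group("v4") is not None else m.group("v6")
        proc = _PROC_RE.search(line)
        listeners.append((addr, int(m.group("port")), proc.group(1) if proc else None))
    return listeners


def is_reachable_off_host(addr):
    """Loopback binds are not exposed; wildcard (0.0.0.0, ::, *) and interface
    addresses are. Unparseable forms are treated as exposed to fail safe."""
    if addr == "*":
        return True
    try:
        return not ipaddress.ip_address(addr.split("%", 1)[0]).is_loopback
    except ValueError:
        return True


def browse_remote_protocols(conf_text):
    """Protocols cups-browsed listens for. 'cups' is the legacy UDP/631 browsing
    protocol abused here; 'dnssd' is mDNS discovery. When the directive is absent
    the upstream default 'dnssd cups' is assumed (check your build)."""
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line and line.split()[0].lower() == "browseremoteprotocols":
            return {p.lower() for p in line.split()[1:]}
    return {"dnssd", "cups"}


def assess(ss_output, conf_text):
    """Return a list of human-readable findings; an empty list means not exposed."""
    findings = []
    for addr, port, proc in parse_udp_listeners(ss_output):
        if port == CUPS_BROWSE_PORT and proc in (None, "cups-browsed") and is_reachable_off_host(addr):
            findings.append(f"UDP/{port} bound on {addr} by {proc or 'an unidentified process (run as root)'}")
    if "cups" in browse_remote_protocols(conf_text):
        findings.append("BrowseRemoteProtocols includes the legacy 'cups' protocol")
    return findings


# Mitigations named in the article; the firewall line is distro-specific.
REMEDIATION = [
    "systemctl disable --now cups-browsed",
    "# or keep mDNS discovery only: set 'BrowseRemoteProtocols dnssd' in " + CONF_PATH,
    "iptables -I INPUT -p udp --dport 631 -j DROP   # or the nftables/ufw equivalent",
]

# Constructed sample inputs (root view, so process names are present).
SAMPLE_SS = """\
UNCONN 0 0 0.0.0.0:631 0.0.0.0:* users:(("cups-browsed",pid=812,fd=7))
UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=600,fd=13))
UNCONN 0 0 [::]:5353 [::]:* users:(("avahi-daemon",pid=590,fd=14))
"""
SAMPLE_CONF = "# constructed cups-browsed.conf\nBrowseRemoteProtocols dnssd cups\nBrowseLocalProtocols none\n"


def collect_live():
    """Gather the real inputs on this host (needs `ss`; process names need root)."""
    ss_out = subprocess.run(["ss", "-Hlunp"], capture_output=True, text=True, check=False).stdout
    try:
        with open(CONF_PATH, encoding="utf-8") as fh:
            conf = fh.read()
    except OSError:
        conf = ""  # no config file: defaults apply
    return ss_out, conf


if __name__ == "__main__":
    for finding in assess(*collect_live()) or ["no cups-browsed exposure found"]:
        print(finding)
    print("Remediation:", *REMEDIATION, sep="\n  ")
```

Run it as root for the process column; without it, any UDP/631 listener on a non-loopback address is still flagged, with a note that the owner could not be identified. Blocking UDP/631 at the firewall covers the legacy browsing path; it does not stop an attacker who is already on the local link from reaching mDNS discovery, which is why the service-level fix (disabling cups-browsed) is the primary mitigation.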
HPE Aruba Networking fixes critical flaws impacting Access Points (2 minute read)

HPE Aruba Networking has fixed critical vulnerabilities in its Access Points that allowed unauthenticated attackers to execute code remotely. The flaws are reachable by sending specially crafted packets to the PAPI management protocol's UDP port 8211. Admins are urged to install the security updates; workarounds (restricting access to UDP port 8211 from untrusted networks, or enabling cluster security on Instant deployments) are available for temporary protection.
Over 90M French Records Exposed (4 minute read)

Cybernews and another security researcher discovered an exposed Elasticsearch instance containing 90M records on French citizens (France has a population of 67.79M). The data seems to have been collected by a data hoarder and comprises data from at least 17 breaches. The data contains full names, phone numbers, physical addresses, email addresses, partial payment information, and other data.
🧠

Strategies & Tactics

Hacking Kia: Remotely Controlling Cars With Just a License Plate (33 minute read)

This post describes in detail a vulnerability in Kia's remote activation system that allowed an attacker to remotely control Kia vehicles using just a license plate number. The attack flow involved generating dealer tokens, retrieving the victim's information, and modifying vehicle access to take control of the vehicle. The vulnerability has been fixed and the hacking tool was never released or used maliciously, but similar weaknesses may be present in other manufacturers' systems.
Applying Security Engineering to Make Phishing Harder - A Case Study (7 minute read)

Doyensec conducted a security review of a client's communication platform with the goal of making phishing and social engineering harder. Weaknesses such as a file extension bypass and subdomain crafting were identified and addressed. Recommendations included stripping trailing dots from filenames and implementing stricter URL filtering.
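
The two weakness classes named above, each as an added example in a bypassable form next to a hardened one (example code, not Doyensec's or the client's). The summary does not publish the exact bypasses, so the inputs are constructed to illustrate trailing-dot file extensions and crafted hostnames; the blocked-extension set and the allowed-host list are assumptions.

```python
"""Attachment extension check and link host check: naive versus hardened."""
import unicodedata
from urllib.parse import urlsplit

# Assumed policy for this example.
BLOCKED_EXTENSIONS = {"exe", "scr", "js", "hta", "lnk", "ps1", "bat", "cmd", "vbs"}
ALLOWED_HOSTS = {"example.com", "files.example.com"}  # exact hosts links may point at


def naive_extension_blocked(filename):
    """Bypassable: judges whatever follows the last dot. 'payload.exe.' yields '',
    yet Windows drops the trailing dot on save and the file lands as payload.exe."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return ext in BLOCKED_EXTENSIONS


def canonical_filename(filename):
    """Normalise the way the receiving OS will before judging the extension:
    NFKC folds fullwidth letters ('ｅｘｅ' -> 'exe'); Windows strips trailing
    dots and spaces from the names it stores."""
    return unicodedata.normalize("NFKC", filename).rstrip(". \t")


def hardened_extension_blocked(filename):
    """Same policy as the naive check, applied to the canonical name."""
    name = canonical_filename(filename).lower()
    if "." not in name:
        return False
    return name.rsplit(".", 1)[-1] in BLOCKED_EXTENSIONS


def naive_host_allowed(url):
    """Bypassable: substring match over the whole URL. Accepts
    https://example.com.evil.net/, https://example.com@evil.net/ and
    https://evil.net/?next=example.com."""
    return any(host in url for host in ALLOWED_HOSTS)


def hardened_host_allowed(url):
    """Parse, then compare the canonical host exactly against the allow-list.
    urlsplit().hostname drops userinfo and port and lowercases; the trailing FQDN
    dot is removed; IDNA encoding turns Unicode lookalike labels into punycode
    (xn--...), which never equals an ASCII allow-list entry."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    host = parts.hostname.rstrip(".")
    try:
        host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return False
    return host in ALLOWED_HOSTS
```

Exact matching is deliberate: accepting any `*.example.com` subdomain reintroduces the crafted-subdomain problem whenever users or tenants can create hostnames under the allowed domain, so each permitted host is listed explicitly.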
CVE Hunting Made Easy (7 minute read)

An automated process hunting for CVEs at scale across all WordPress plugins resulted in 14 new CVEs over three afternoons of work. The process involved downloading and cataloging all WordPress plugins, then running Semgrep on any plugins with recent releases and at least one install. Any findings were then manually reviewed and exploits were attempted. A worked example of the process is included at the end of the blog post.
πŸ§‘β€πŸ’»

Launches & Tools

🤔 Does your SOC 2 program feel like security theater? (Sponsor)

Does it ever feel like you're just checking pointless boxes, not actually building real-world security?

Compliance is absolutely broken.

That's why Oneleet built a 10x better solution for startups looking to obtain SOC 2 compliance.

In an industry filled with security theater vendors, Oneleet is the only security-first compliance platform that provides an “all in one” solution for SOC 2.

They'll build you a real-world Security Program, perform the Penetration Test, integrate with a 3rd Party Auditor, and provide the Compliance Automation Software … all in one platform.

Ready to ditch the security theater? Request Pricing Here

OnlyHumans Proxy (GitHub Repo)

An experimental proxy that serves static websites as an image to defeat crawlers and scrapers.
Unicorn Engine v2.1.0 (GitHub Repo)

Unicorn emulator framework's 2.1.0 release introduces significant performance improvements, including up to 40x faster write speeds and optimized memory allocation. The release brings enhanced cross-platform support, full M1 compatibility, restored Python 2 compatibility, and new or improved bindings for Python, Java, and .NET. Other new features include QEMU logging revival, snapshot memory support, MMU bypass option, and various improvements across different architectures like RISCV and PPC32.
Dna (GitHub Repo)

Dna is a static binary analysis framework built on top of LLVM and written mostly in C#. It includes features like control flow graph reconstruction and jump table solving. Dna currently supports only the x86_64 architecture; recompiled code is not CET compliant, and building on Windows requires custom patches.
🎁

Miscellaneous

Cybersecurity Burnout is a Real Risk (3 minute read)

In ISC surveys, 67% of respondents feel there is a staffing shortage and 90% of organizations report a security skills gap; cybersecurity professionals at all levels are experiencing burnout as a result. Organizations should take these statistics into account and support their security teams. CISOs should push boundaries, advocate for their teams, and watch for burnout in their organizations.
NIST Proposes New Password Requirements (2 minute read)

NIST has released a new draft of SP 800-63-4, its Digital Identity Guidelines. Notably, this version bars verifiers from requiring security questions (knowledge-based authentication), periodic password resets, and specific character-class composition rules. Other notable inclusions are a recommended minimum of 15 characters (with 8 as the required floor), a requirement to accept all printing ASCII characters and the space, a recommendation to accept Unicode, and a maximum length of at least 64 characters.
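
The acceptance rules above as verifier-side code, added here as an example (not NIST's code). Choices marked in the comments are this example's: the 15-character minimum is the draft's recommended value rather than its 8-character floor, control characters are rejected, and the blocklist is a constructed stand-in for the compromised-password list the draft requires verifiers to check. The legacy check at the end shows the composition-rule style the draft bars, for contrast.

```python
"""Password acceptance per the SP 800-63B-4 draft: length and blocklist, no composition rules."""
import unicodedata

MIN_LENGTH = 15  # recommended minimum in the draft (8 is the required floor)
MAX_LENGTH = 64  # verifiers must accept at least 64 characters; longer is fine

# Constructed stand-in; a real one holds breached passwords, dictionary words
# and context-specific strings such as the service or user name.
BLOCKLIST = {"password", "correct horse battery staple", "qwertyuiopasdfghjkl"}


def normalize(password):
    """NFKC before counting and hashing, so the same visible string typed through
    different input methods compares equal (the draft says SHOULD normalise)."""
    return unicodedata.normalize("NFKC", password)


def check_password(password, blocklist=BLOCKLIST):
    """Return (accepted, reason). Any mix of printing ASCII, space and Unicode is
    fine; only length and the blocklist decide."""
    pw = normalize(password)
    length = len(pw)  # Unicode code points, not bytes: an emoji counts once
    if length < MIN_LENGTH:
        return False, f"too short: {length} < {MIN_LENGTH}"
    if length > MAX_LENGTH:
        return False, f"too long: {length} > {MAX_LENGTH}"
    if any(unicodedata.category(ch) == "Cc" for ch in pw):
        return False, "control characters not accepted"  # this example's choice
    if pw.casefold() in blocklist:
        return False, "blocklisted"
    return True, "ok"


def legacy_composition_check(password):
    """The style the draft bars: mandatory character classes plus a short cap.
    It rejects a long passphrase and waves through 'P@ssw0rd!'."""
    classes = (str.islower, str.isupper, str.isdigit, lambda c: not c.isalnum())
    return 8 <= len(password) <= 20 and all(any(f(c) for c in password) for f in classes)


if __name__ == "__main__":
    for candidate in ("P@ssw0rd!", "correct horse battery staple dolphin", "🔒" * 15):
        print(repr(candidate), check_password(candidate), "legacy:", legacy_composition_check(candidate))
```

The remaining items in the draft (no password hints, no knowledge-based questions, no scheduled rotation, change only on evidence of compromise) are things a verifier stops doing rather than code it adds, so they have no counterpart here.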
Find the Right OSINT Tools With Bellingcat's New Online Investigations Toolkit (5 minute read)

Bellingcat has published a new version of its Online Investigations Toolkit based on interviews with practitioners. The new toolkit is divided into categories to make locating tools easier and features in-depth descriptions of the tools, whether they are free or paid, and sample usage. Bellingcat is treating this version as collaborative and will be updating it based on community feedback.
⚑

Quick Links

Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format (2 minute read)

The Irish Data Protection Commission fined Meta €91 million for storing user passwords in a readable format, violating data protection regulations.
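
An added example of what "readable format" means on the storage side and what a verifier should keep instead (example code; it describes nothing about Meta's systems). It uses scrypt from the standard library as a salted, memory-hard KDF; the cost parameters and record format are this example's choices.

```python
"""Password storage: a readable record versus a salted scrypt record with constant-time verification."""
import base64
import hashlib
import hmac
import os

SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1  # ~16 MiB per guess; raise N as hardware allows
SALT_BYTES = 16


def _b64(raw):
    return base64.b64encode(raw).decode("ascii")


def store_readable(password):
    """What the fine concerns: a record from which the password is recoverable.
    Encoding (base64 here) or reversible encryption is still 'readable'."""
    return _b64(password.encode("utf-8"))


def store_hashed(password, salt=None):
    """Per-user random salt plus scrypt. The record carries its own parameters so
    the cost can be raised later without invalidating existing entries."""
    salt = salt if salt is not None else os.urandom(SALT_BYTES)
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return f"scrypt${SCRYPT_N}${SCRYPT_R}${SCRYPT_P}${_b64(salt)}${_b64(digest)}"


def verify_password(password, record):
    """Recompute with the record's own parameters and compare in constant time.
    Any malformed record is treated as a failed login rather than an exception."""
    try:
        algo, n, r, p, salt_b64, digest_b64 = record.split("$")
        if algo != "scrypt":
            return False
        salt, expected = base64.b64decode(salt_b64), base64.b64decode(digest_b64)
        candidate = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                                   n=int(n), r=int(r), p=int(p), dklen=len(expected))
    except (ValueError, TypeError):
        return False
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    print("readable:", store_readable("hunter2"))
    rec = store_hashed("hunter2")
    print("hashed:  ", rec)
    print("verify:  ", verify_password("hunter2", rec), verify_password("hunter3", rec))
```

Nothing in the hashed record lets an operator, a log reader or a database dump reader recover the password; each guess costs a full scrypt evaluation, and the random salt means identical passwords produce different records.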
Iranian hackers charged for ‘hack-and-leak’ plot to influence election (2 minute read)

Three Iranian hackers associated with Iran's IRGC have been charged by the DOJ for a "hack-and-leak" scheme targeting the 2024 U.S. presidential election.
Threat landscape for industrial automation systems, Q2 2024 (3 minute read)

Kaspersky ICS CERT has published its threat landscape report for industrial automation systems (ICS computers) covering Q2 2024.

Love TLDR? Tell your friends and get rewards!

Share your referral link below with friends to get free TLDR swag!
Track your referrals here.

Want to advertise in TLDR? 📰

If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to advertise with us.

If you have any comments or feedback, just respond to this email!

Thanks for reading,
Prasanna Gautam, Eric Fernandez & Sammy Tbeile


If you don't want to receive future editions of TLDR Information Security, please unsubscribe from TLDR Information Security or manage all of your TLDR newsletter subscriptions.

© 2024 Email Dashboard. All rights reserved.