
Feature: Fresh Talks from the VDA Team

This week we are excited to share the videos of the DerbyCon talks that VDA team members gave over the past weekend. Find the link in the last section of this message!


Contents

  • Security News
  • Latest Vulnerabilities
  • Check out Our DerbyCon Talks!

Top Security News

Metasploit BlueKeep is Here!

The security community has been awaiting the drop of a publicly available exploit for the BlueKeep vulnerability (CVE-2019-0708) in Remote Desktop that was disclosed a few months back, and now is the time! The Metasploit team has released a module for the popular framework that allows anyone to use the exploit.

This could make it more likely that a worm impacting these systems will be seen in the near future.

https://www.zdnet.com/article/metasploit-team-releases-bluekeep-exploit/

Apple iOS Has a Bad Few Weeks

Over the past several weeks, several end-to-end exploit chains for the iOS ecosystem have come to light, some courtesy of Google’s Project Zero. The recent weaknesses in iOS have caused some to speculate that, at this time, Android phones may ultimately be more secure in some cases because they avoid the “iOS monoculture”: more consistent software versions and fewer device types make Apple products easier to target.

This comes after a week in which Apple accidentally un-patched another area of the software that was used for rooting phones for some period of time.

https://arstechnica.com/information-technology/2019/09/apple-takes-flak-for-disputing-ios-security-bombshell-dropped-by-google/

https://www.bleepingcomputer.com/news/security/ios-124-jailbreak-released-after-apple-unpatches-older-bug/

SIM Swapping in the Spotlight

If you have paid attention to security over the past few years, you have likely heard horror stories about so-called “SIM swapping” attacks. This is where an attacker convinces a cell phone company to fraudulently transfer a phone number to them in order to gain access to sensitive accounts. This type of attack was recently used against Jack Dorsey (the CEO of Twitter) to gain access to his account, and has since been gaining national attention, such as in the NY Times article below:

https://www.nytimes.com/2019/09/05/technology/sim-swap-jack-dorsey-hack.html

DeepFakes Coming to a Scam Near You

Over the past week it was discovered that a company in the UK was hit with a new evolution of a classic scam, and it cost them ~$243,000. The company was hit with a version of the classic “Business Email Compromise” (BEC) scam asking for a wire transfer; the trick was that the attackers used DeepFake audio to forge a voicemail that sounded convincing enough to trick the company into sending the wire.

DeepFakes use machine learning to train a system to produce an accurate imitation of the victim. With many organizations struggling to cope with normal BEC scams, this upgrade in tactics is sure to pay off over time. Be sure you have proper controls in place to block such fraudulent wire transfers.

https://nakedsecurity.sophos.com/2019/09/05/scammers-deepfake-ceos-voice-to-talk-underling-into-243000-transfer/

Recommended Reading – Continuous Delivery & Continuous Compliance

Some of our readers on the “maker” side of the house will appreciate this blog post on “Continuous Compliance”. It talks about how the CI/CD pipeline can be used to great effect to monitor compliance status for development shops – leaving no doubt for regulated organizations as to the current compliance status.

Some orgs find adopting CI/CD challenging and also think that older “waterfall” gate-based releases help ensure compliance, but this might be a different perspective to consider.

http://www.davefarley.net/?p=285


Recent Vulnerabilities

NetCAT Leaks Intel CPU Sensitive Data

It’s not the netcat you would expect: NetCAT (Network Cache ATtack) is a new technique developed by researchers to leak sensitive info from Intel server CPUs via a side-channel attack. The attack targets an Intel technology called Data-Direct I/O (DDIO) and could theoretically be used to snoop on SSH sessions, for example.

https://threatpost.com/intel-cpus-vulnerable-data-leakage-netcat/148221/

Exim – Again.

We reported a few weeks ago on a major vulnerability in the Exim mail server that allowed for remote code execution. It seems another serious vulnerability has been discovered that could also allow for RCE and be built into a worm. Exim is a mail server that commonly runs on Linux/Unix operating systems, with over 500,000 hosts exposed to the internet.

https://www.bleepingcomputer.com/news/security/critical-exim-tls-flaw-lets-attackers-remotely-execute-commands-as-root/


DerbyCon Talks & Retrospective

The VDA team has published a new blog post to our website that features both of our DerbyCon talks from the past week, as well as a brief retrospective on the conference as it comes to a final conclusion.

Talks feature:

  • Using Next-Gen Fuzzing Tools
  • Old Tools, New Tricks: Hacking WebSockets

Check it out here: DerbyCon Retrospective