
Category: Vulnerability research

November 19th, 2009

Inside the Google Chrome OS security model

Posted by Ryan Naraine @ 11:54 am

Categories: Apple, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Hackers, Microsoft, Open source, Passwords, Patch Watch, Responsible disclosure, Viruses and Worms, Vulnerability research, iPhone

Tags: Google Inc., Operating System, Web Browser, Google Chrome, Attack, End Goal, Web Browsers, Operating Systems, Security, Internet

Google plans to use a combination of system hardening, process isolation, verified boot, secure auto-update and encryption to thwart malicious hackers from planting malware on its new Google Chrome OS. Read the rest of this entry »

November 18th, 2009

Mozilla locks out rogue Firefox add-ons

Posted by Ryan Naraine @ 10:33 am

Categories: Anti Virus, Arbitrary Code Execution, Browsers, Denial of Service (DoS), Exploit code, Firefox, Malware, Microsoft, Mozilla, Open source, Patch Watch, Vulnerability research

Tags: Mozilla Firefox, Mozilla Corp., Migration Document, Web Browsers, Internet, Ryan Naraine

Mozilla has made a significant tweak to the Firefox 3.6 code base to block rogue add-ons from loading in the browser’s application components directory.

This will most certainly block developers and software vendors from silently installing Firefox add-ons without explicit user permission.  It will also significantly reduce browser crashes linked to third-party add-ons, Mozilla said. Read the rest of this entry »

November 16th, 2009

Microsoft confirms 'detailed' Windows 7 exploit

Posted by Ryan Naraine @ 10:25 am

Categories: Arbitrary Code Execution, Browsers, Denial of Service (DoS), Exploit code, Microsoft, Passwords, Patch Watch, Punditocracy, Vulnerability research, Windows Vista

Tags: Denial Of Service, Web, Attacker, Vulnerability, Microsoft Corp., Web Site, Small And Medium Business, Microsoft Windows 7, Microsoft Windows, Smb/Sme

Microsoft has issued a security advisory to acknowledge a crippling denial-of-service flaw affecting its newest operating systems — Windows 7 and Windows Server 2008 R2.

Exploit code for the vulnerability was released by researcher Read the rest of this entry »

November 11th, 2009

Apple Safari exposes Windows to drive-by download attacks

Posted by Ryan Naraine @ 1:37 pm

Categories: Apple, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Malware, Microsoft, Passwords, Patch Watch, Pen testing, Responsible disclosure, Spyware and Adware, Vulnerability research

Tags: Apple Macintosh, Apple Safari, Microsoft Windows XP, Microsoft Windows Vista, Apple Inc., Attack, WebKit, Microsoft Windows, Apple Mac OS X, Apple Mac OS

Apple today shipped Safari 4.0.4 to fix a total of seven security flaws that expose Windows and Mac users to a wide range of malicious hacker attacks.

The high-priority update patches vulnerabilities that allow remote code execution (drive-by downloads) if a user simply surfs to a maliciously rigged Web site.  Some of the issues affect Microsoft’s new Windows 7 operating system.
Read the rest of this entry »

November 3rd, 2009

Adobe Shockwave haunted by critical security holes

Posted by Ryan Naraine @ 12:12 pm

Categories: Adobe, Arbitrary Code Execution, Browsers, Data theft, Exploit code, Flash, Malware, Patch Watch, Pen testing, Responsible disclosure, Spam and Phishing, Viruses and Worms, Vulnerability research

Tags: Adobe Systems Inc., Shockwave, Vulnerability, Shockwave Player, Security, Ryan Naraine

Adobe today released a patch to fix several serious security flaws in its Shockwave Player software.

The update, which is rated “critical,” addresses a total of five documented vulnerabilities.  The most serious flaw could allow remote code execution attacks against Windows and Mac users. Read the rest of this entry »

October 28th, 2009

Firefox hit by multiple drive-by download flaws

Posted by Ryan Naraine @ 7:34 am

Categories: Arbitrary Code Execution, Botnets, Browsers, Data theft, Denial of Service (DoS), Exploit code, Firefox, Malware, Mozilla, Open source, Passwords, Patch Watch, Privacy, Responsible disclosure, Vulnerability research

Tags: Mozilla Firefox, Attacker, Flaw, Vulnerability, Web Browser, Mozilla Corp., Web Browsers, Security, Internet, Ryan Naraine

Mozilla’s flagship Firefox browser is affected by at least 11 “critical” vulnerabilities that expose users to drive-by download attacks that require no user interaction beyond normal browsing.

The open-source group shipped Firefox 3.5.4 with patches for the vulnerabilities, which range from code execution risk to the theft of information in the browser’s form history. Read the rest of this entry »

October 16th, 2009

Oracle to fix 38 database, product vulnerabilities

Posted by Ryan Naraine @ 10:12 am

Categories: Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Locally Running Web Servers, Open source, Oracle, Passwords, Responsible disclosure, Vulnerability research

Tags: Database, Oracle Corp., Vulnerability, Authentication, Security, Ryan Naraine

Oracle has announced plans to ship a Critical Patch Update (CPU) with fixes for at least 38 security vulnerabilities in a wide range of database and server products.

The most serious vulnerabilities (CVSS score of 10.0) affect Oracle Core RDBMS, Oracle JRockit and Oracle Network Authentication. The patches are due on Tuesday, October 20, 2009.

Read the rest of this entry »

October 9th, 2009

New Adobe PDF flaw under attack; Patch coming Tuesday

Posted by Ryan Naraine @ 8:03 am

Categories: Adobe, Anti Virus, Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Hackers, Malware, Patch Watch, Pen testing, Research, Responsible disclosure, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Zero-day attacks

Tags: Adobe Systems Inc., Adobe PDF, Adobe Acrobat, Flaw, Adobe Acrobat Reader, Attack, Microsoft Windows, Security, Viruses And Worms, Operating Systems

Adobe has confirmed that a critical, unpatched vulnerability in its PDF Reader/Acrobat software is being exploited by malicious attackers.

The vulnerability affects Adobe Reader and Acrobat 9.1.3 and earlier versions on Windows, Macintosh and UNIX. Adobe described the in-the-wild attacks as limited and targeted, suggesting PDF documents rigged with exploits are being attached to e-mails and sent to business targets.

Read the rest of this entry »

September 29th, 2009

Windows SMB2 exploit now public; Expect in-the-wild attacks soon

Posted by Ryan Naraine @ 3:09 am

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Malware, Metasploit, Microsoft, Passwords, Spam and Phishing, Spyware and Adware, Vulnerability research, Windows Vista

Tags: Vulnerability, Microsoft Windows Vista, Microsoft Corp., Exploit, Attack, Microsoft Windows, Operating Systems, Security, Software, Ryan Naraine

Fully functional exploit code for the (still unpatched) Windows SMB v2 vulnerability has been released to the public domain via the freely available Metasploit point-and-click attack tool, raising the likelihood of remote in-the-wild code execution attacks.

Read the rest of this entry »

September 25th, 2009

Malware affiliate bounty: Infect a Mac, earn 43 cents

Posted by Ryan Naraine @ 6:03 am

Categories: Adobe, Anti Virus, Apple, Botnets, Browsers, Data theft, Denial of Service (DoS), Exploit code, Flash, Locally Running Web Servers, Malware, Passwords, Patch Watch, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research

Tags: Web, Apple Macintosh, Malware, Desktops, Hardware, Ryan Naraine

GENEVA — In a sign that cyber-criminals are investing more time and resources into attacks against Apple’s Mac users, a new malware affiliate program has been discovered offering 43c for every infected Mac machine.

During an eye-opening presentation at the VB Conference 2009 here, Sophos Labs researcher Dmitry Samosseiko provided a glimpse into the “Partnerka,” a Russian network of spam and malware affiliates that have turned their attention to the Mac platform — using social engineering tricks to load fake codecs and scareware programs.

Read the rest of this entry »

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal.

