Malware, Vulnerability management

Mudge, Tox P2P Messenger, 8 Year Old Linux Flaws, Dirty Pipe, & Unix Legends – PSW #753

This week in the Security News: Crypto Miners Using Tox P2P Messenger as Command and Control Server, 8-year-old Linux Kernel flaw DirtyCred is nasty as Dirty Pipe, & Janet Jackson music video given CVE for crashing laptops, & more!

Segment Resources:

Use code "securityweekly" to save 10% off Hack Red Con tickets at https://www.hackredcon.com/

Full episode and show notes

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guests

Daniel Niefeld
CFO & Co-Founder at Hack Red Con
Zachary Stashis
CEO at Hack Red Con

Founder of Hack Red Con and Red Seer Security, Red Teamer, Bug Hunter, and Mentor.

Hosts

Paul Asadoorian
Founder at Security Weekly
  1. Microsoft warns that KB5012170 update may cause 0x800f0922 error
  2. Microsoft Pluton: Security chip doesn’t let Linux on the Lenovo Z13 and Z16 - "this means that given the default firmware configuration, nothing other than Windows will boot. It also means that you won't be able to boot from any third-party external peripherals that are plugged in via Thunderbolt. There's no security benefit to this."
  3. Vulnerability wholesaler cuts disclosure times over poor-quality patches - "For failed patches, ZDI will give vendors 30 days to address the flaw if it's critical, the patch is easily circumvented, and if exploitation is expected. Vendors will have 60 days to address critical and high severity issues if the patch provides some defence and exploitation is possible. They will get 90 days for all other vulnerabilities below these severity ratings and there's no imminent threat of exploitation."
  4. Janet Jackson music video given CVE for crashing laptops - "It turns out that the song contained one of the natural resonant frequencies for the model of 5400 RPM laptop hard drives that they and other manufacturers used"
  5. Intel SA-00086 vulnerability and CPU firmware security: what
  6. 8-year-old Linux Kernel flaw DirtyCred is nasty as Dirty Pipe - “DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privilege. Instead of overwriting any critical data fields on kernel heap, DirtyCred abuses the heap memory reuse mechanism to get privileged. Although the concept is simple, it is effective.”
  7. Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
  8. Uncovering a ChromeOS remote memory corruption vulnerability – Microsoft Security Blog - "As with other modern browsers, exploiting ChromeOS usually requires chaining vulnerabilities together. Due to hardening measures in ChromeOS, discovering vulnerabilities became a specific niche and, therefore, the number of public vulnerabilities is quite low compared to other operating systems." Interesting: "The impact of heap-based buffer overflow ranges from simple DoS to full-fledged RCE. Although it’s possible to allocate and free chunks through media metadata manipulation, performing the precise heap-grooming is not trivial in this case and attackers would need to chain the exploit with other vulnerabilities to successfully execute any arbitrary code."
  9. Zoom patches root exploit, patches patch due to root exploit - Moar patching: "The two holes could be exploited together to, simply put, feed a malicious update to Zoom to install and run, which shouldn't normally be allowed to happen. Wardle gave Zoom credit for issuing quick patches for the flaws, which the biz published individually on August 9 and 13. But look at Zoom's recent security bulletins, and it becomes quickly clear that something went wrong: five days later a third patch was released for the same problem."
  10. An encrypted ZIP file can have two correct passwords — here’s why
  11. Vulnerability in Linux containers – investigation and mitigation
  12. New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data
  13. Privilege Escalation Flaw Haunts VMware Tools
  14. Last port of call – The Hacker Factor Blog
Josh Marpet
Executive Director at RM-ISAO
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security
  1. Hack Red Con - Announcing a new conference called Hack Red Con this September in Louisville, KY, with the mission of educating, mentoring, and workforce development for the future of the cybersecurity industry. Conference dates are September 7th-11th, 2022. We hope to see you there! Security Weekly listeners get a 10% discount on tickets!