Security Weekly
Paul's Security WeeklySubscribe
Vulnerability management, Malware

Mudge, Tox P2P Messenger, 8 Year Old Linux Flaws, Dirty Pipe, & Unix Legends – PSW #753

This week in the Security News: Crypto Miners Using Tox P2P Messenger as Command and Control Server, 8-year-old Linux Kernel flaw DirtyCred is nasty as Dirty Pipe, & Janet Jackson music video given CVE for crashing laptops, & more!

Segment Resources:

Use code "securityweekly" to save 10% off Hack Red Con tickets at https://www.hackredcon.com/

Full episode and show notes

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guests

Zachary Stashis
Zachary Stashis
CEO at Hack Red Con

Founder of Hack Red Con and Red Seer Security, Red Teamer, Bug Hunter, and Mentor.

Daniel Niefeld
Daniel Niefeld
CFO & Co-Founder at Hack Red Con

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
  1. 1. Microsoft warns that KB5012170 update may cause 0x800f0922 error
  2. 2. Microsoft Pluton: Security chip doesn’t let Linux on the Lenovo Z13 and Z16
    "this means that given the default firmware configuration, nothing other than windows will boot. it also means that you won't be able to boot from any third-party external peripherals that are plugged in via thunderbolt. there's no security benefit to this."
  3. 3. Vulnerability wholesaler cuts disclosure times over poor-quality patches
    "For failed patches, ZDI will give vendors 30 days to address the flaw if it's critical, the patch is easily circumvented, and if exploitation is expected. Vendors will have 60 days to address critical and high severity issues if the patch provides some defence and exploitation is possible. They will get 90 days for all other vulnerabilities below these severity ratings and there's no imminent threat of exploitation. "
  4. 4. Janet Jackson music video given CVE for crashing laptops
    "It turns out that the song contained one of the natural resonant frequencies for the model of 5400 RPM laptop hard drives that they and other manufacturers used"
  5. 5. Intel SA-00086 vulnerability and CPU firmware security: what
  6. 6. 8-year-old Linux Kernel flaw DirtyCred is nasty as Dirty Pipe
    “DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privilege. Instead of overwriting any critical data fields on kernel heap, DirtyCred abuses the heap memory reuse mechanism to get privileged. Although the concept is simple, it is effective.”
  7. 7. Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
  8. 8. Uncovering a ChromeOS remote memory corruption vulnerability – Microsoft Security Blog
    "As with other modern browsers, exploiting ChromeOS usually requires chaining vulnerabilities together. Due to hardening measures in ChromeOS, discovering vulnerabilities became a specific niche and, therefore, the number of public vulnerabilities is quite low compared to other operating systems." interesting: "The impact of heap-based buffer overflow ranges from simple DoS to full-fledged RCE. Although it’s possible to allocate and free chunks through media metadata manipulation, performing the precise heap-grooming is not trivial in this case and attackers would need to chain the exploit with other vulnerabilities to successfully execute any arbitrary code."
  9. 9. Zoom patches root exploit, patches patch due to root exploit
    Moar patching: "The two holes could be exploited together to, simply put, feed a malicious update to Zoom to install and run, which shouldn't normally be allowed to happen. Wardle gave Zoom credit for issuing quick patches for the flaws, which the biz published individually on August 9 and 13. But look at Zoom's recent security bulletins, and it becomes quickly clear that something went wrong: five days later a third patch was released for the same problem. "
  10. 10. An encrypted ZIP file can have two correct passwords — here’s why
  11. 11. Vulnerability in Linux containers – investigation and mitigation
  12. 12. New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data
  13. 13. Privilege Escalation Flaw Haunts VMware Tools
  14. 14. Last port of call – The Hacker Factor Blog
Josh Marpet
Josh Marpet
Executive Director at RM-ISAO
Larry Pesce
Larry Pesce
Product Security Research and Analysis Director at Finite State
  1. 1. Crypto Miners Using Tox P2P Messenger as Command and Control Server
  2. 2. Russian threat group exploiting Microsoft weaknesses to target US entities, says analyst
  3. 3. Ex-Twitter exec blows the whistle, alleging reckless and negligent cybersecurity policies
  4. 4. Janet Jackson had the power to crash laptop computers
  5. 5. Unix legend, who owes us nothing, keeps fixing foundational AWK code
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element
  1. 1. Hack Red Con
    Announcing a new conference called Hack Red Con this September in Louisville, KY. With the mission of educating, mentoring, and workforce development for the future of the cyber security industry. Conference dates are September 7th-11th 2022. We hope to see you there! Security Weekly listeners get a 10% discount on tickets!

Related

Vulnerability management
Prepping for Security Incidents, Automated Validation & No-Code Automation Revolution – Amitai Ratzon, Jon Check, Thomas Kinsella – ESW #319

The reality is no organization is insusceptible to a breach – and security teams, alongside the C-suite, should prepare now to make the response more seamless once a crisis does happen. Based on his experience working 1:1 with security leaders in the private and public sectors, Jon Check, executive director of Cyber Protection Solutions at Raytheon...
prestitial ad