Android vulnerability allows attackers to modify apps without affecting their signatures

Among the many Android vulnerabilities patched by Google this December is one that allows attackers to modify apps without affecting their signatures. The danger “Although Android applications are self-signed, signature verification is important when updating Android applications. When the user downloads an update of an application, the Android runtime compares its signature with the signature of the original version. If the signatures match, the Android runtime proceeds to install the update,” Guard Square researchers explained. … More

Eavesdropper vulnerability exposes sensitive corporate communications data

Appthority published research on its discovery of the Eavesdropper vulnerability, caused by developers carelessly hard coding their credentials in mobile applications that use the Twilio Rest API or SDK, despite best practices the company clearly outlines in its documentation. What applications are affected by the Eavesdropper vulnerability? Security researchers have identified this as a real and ongoing threat affecting nearly 700 apps in enterprise mobile environments, over 170 of which are live in the official … More

Infosec expert viewpoint: Vulnerability patching

Vulnerability patching is one of the most useful and cost-effective methods to mitigate a plethora of security threats. Here’s what infosec experts think about the challenges related to patching systems, and how they see vulnerability patching evolve in the near future. They also give advice to enterprises looking to deploy a solution that makes vulnerability patching easier. Morey Haber, VP of Technology, Office of the CTO, BeyondTrust Unpatched machines have various degrees of risk. The … More

Vulnerability in code library allows attackers to work out private RSA keys

Researchers have discovered a security vulnerability in the Infineon-developed RSA library, which could be exploited by attackers to discover the RSA private key corresponding to an RSA public key generated by this library. This private key could then be misused to impersonate its legitimate owner, decrypt sensitive messages, forge signatures (e.g. for software releases) and more. The vulnerable version of the library is v1.02.013, and it’s unfortunately been in use since 2012 in a wide … More

Unpatched SQLi vulnerability in SmartVista e-commerce suite

Companies using SmartVista, the popular e-commerce/payment management product suite developed by Swiss company BPC Banking Technologies, are urged to limit access to its management interface. That’s because Rapid7 researcher Aaron Herndon found a SQL injection vulnerability in it, and BPC has shown no indication that it’s going to fix it. About the vulnerability: According to Rapid7’s findings, the issues affect the “Transactions” interface of SmartVista Front-End (SVFE), version 2.2.10, revision 287921. “Users with access … More

Easily exploitable Apache Struts vulnerability opens businesses to attack

A critical vulnerability in Apache Struts, a popular open source framework for developing web applications, opens any server running an app built using it to remote attackers. It can be exploited easily, by sending a specially crafted web request to the application and, according to SANS ISC handler Adrien de Beaupre, a working exploit has already been spotted. About the vulnerability The flaw (CVE-2017-9805) was spotted during a static code analysis by researchers with software … More

PACER vulnerability allowed hackers to access legal docs while sticking others with the bill

A CSRF flaw that made it possible for attackers to access court documents on the PACER system while making legitimate users pay for it has finally been plugged. What is PACER? PACER is an electronic public access service of United States federal court documents – briefs, memos, orders, opinions, etc. It is mostly used by lawyers, and to a lesser extent by journalists, but one has to have an account open with the service, and … More

US DOJ publishes guidelines for setting up a vulnerability disclosure program

Instituting a vulnerability disclosure program (aka bug bounty program) that won’t blow up in the organization’s face can be a daunting task. Some will prefer to enlist outside experts to advise them on how to do it, and others will want to rely on their own IT or security department. For the latter, here’s some good news: the US Department of Justice has just released a guidance document for adopting a vulnerability disclosure program for … More

Apple patches critical Broadpwn vulnerability in its various OSes

Apple has released security updates for iOS, macOS (Sierra, El Capitan, and Yosemite), Safari, iCloud, iTunes, watchOS and tvOS. As per usual, the same fixed WebKit flaws abound in all of the updates, as it is the web browser engine used by Safari, the App Store, and many other applications. Among the other plugged holes a few stand out, for various reasons: Among the WebKit flaws, there’s one disclosed to Apple by the UK’s National Cyber … More

EternalBlue vulnerability scanner statistics reveal there are exposed hosts worldwide

After the recent massive WannaCry ransomware campaign, Elad Erez, Director of Innovation at Imperva, was shocked at the number of systems that still sported the Microsoft Windows SMB Server vulnerabilities that made the attack possible. So, he decided to do something about it: he created Eternal Blues, an easy-to-use vulnerability scanner that he made available for download for free. The tool does one single thing: it scans computers for the aforementioned vulnerabilities, and lets users … More