ESET researchers discover LoJax, the first-ever UEFI rootkit detected in a cyberattack https://www.businesscomputingworld.co.uk/news-post/eset-researchers-discover-lojax-the-first-ever-uefi-rootkit-detected-in-a-cyberattack/
- Running a port scan caused the weapons system to fail
- One admin password for a system was guessed in nine seconds
- "Nearly all major acquisition programs that were operationally tested between 2012 and 2017 had mission-critical cyber vulnerabilities that adversaries could compromise."
- Taking over systems was pretty much playing on easy mode: "In one case, it took a two-person test team just one hour to gain initial access to a weapon system and one day to gain full control of the system they were testing."
https://isc.sans.edu/diary/24186 - the patch covers a vulnerability that is being successfully exploited by a number of APTs
SANS Internet Storm Center, InfoSec Handlers Diary Blog - Internet Storm Center Diary 2018-10-10, Author: Johannes Ullrich
Forwarded from r0 Crew (Channel) (Bear0)
Al-Khaser v0.75
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
https://github.com/LordNoteworthy/al-khaser #OKOB2016
GitHub - ayoubfaouzi/al-khaser: Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
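An added example, not code from the channel post or from the al-khaser project: two of the CPUID-based virtual-machine checks that anti-VM tooling of this kind exercises, written here from scratch in C. Leaf 1 ECX bit 31 is the "hypervisor present" flag, and leaf 0x40000000 returns a 12-byte vendor signature in EBX:ECX:EDX. The function names (probe_hypervisor, classify_vendor, classify_regs) and the vendor-string table are my own, and the register values used to exercise the classifier are constructed, not captured from a real machine.

```c
/* Two CPUID heuristics used by VM-detection code (example, not al-khaser's code):
 *   1. CPUID leaf 1, ECX bit 31: "hypervisor present", set by most hypervisors.
 *   2. CPUID leaf 0x40000000: EBX:ECX:EDX carry a 12-byte vendor signature
 *      such as "VMwareVMware" or "KVMKVMKVM".
 * Both are trivially spoofable, which is why malware stacks many such checks
 * and why an analysis VM should mask them. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define HAVE_CPUID 1
#else
#define HAVE_CPUID 0
#endif

/* Turn the three registers of leaf 0x40000000 into a NUL-terminated 12-byte
 * string, lowest byte of EBX first, as the CPUID ABI defines (endian-independent). */
static void vendor_from_regs(uint32_t ebx, uint32_t ecx, uint32_t edx, char out[13])
{
    const uint32_t regs[3] = { ebx, ecx, edx };
    for (int r = 0; r < 3; r++)
        for (int b = 0; b < 4; b++)
            out[r * 4 + b] = (char)((regs[r] >> (8 * b)) & 0xff);
    out[12] = '\0';
}

/* Map a vendor signature to a product name; anything not in the table is "unknown". */
const char *classify_vendor(const char *sig)
{
    static const struct { const char *sig; const char *name; } known[] = {
        { "VMwareVMware", "VMware" },
        { "KVMKVMKVM",    "KVM" },
        { "Microsoft Hv", "Hyper-V" },
        { "VBoxVBoxVBox", "VirtualBox" },
        { "XenVMMXenVMM", "Xen" },
        { "bhyve bhyve ", "bhyve" },
    };
    for (size_t i = 0; i < sizeof known / sizeof known[0]; i++)
        if (strcmp(sig, known[i].sig) == 0)
            return known[i].name;
    return "unknown";
}

/* Registers straight to vendor name; lets the classifier be exercised with
 * constructed register values instead of a live CPU. */
const char *classify_regs(uint32_t ebx, uint32_t ecx, uint32_t edx)
{
    char sig[13];
    vendor_from_regs(ebx, ecx, edx, sig);
    return classify_vendor(sig);
}

/* Live probe of the current CPU. Returns 1 if the hypervisor bit is set, 0 if
 * clear, -1 if CPUID is not available on this architecture. vendor receives the
 * leaf 0x40000000 signature, or "" when that leaf was not probed. */
int probe_hypervisor(char vendor[13])
{
    vendor[0] = '\0';
#if HAVE_CPUID
    unsigned eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return -1;
    int hv_bit = (ecx >> 31) & 1;
    if (hv_bit) {
        /* __get_cpuid() rejects leaves above the basic maximum, so the
         * hypervisor range has to be read with the raw __cpuid macro; the leaf
         * is only meaningful when the hypervisor bit is set. */
        __cpuid(0x40000000, eax, ebx, ecx, edx);
        vendor_from_regs(ebx, ecx, edx, vendor);
    }
    return hv_bit;
#else
    return -1;
#endif
}

int main(void)
{
    char vendor[13];
    int hv = probe_hypervisor(vendor);
    if (hv < 0)
        printf("CPUID not available on this architecture\n");
    else if (hv == 0)
        printf("hypervisor bit clear: bare metal, or a sandbox that masks it\n");
    else
        printf("hypervisor bit set, vendor \"%s\" (%s)\n", vendor, classify_vendor(vendor));
    return 0;
}
```

Running it inside an unmodified VM prints the vendor; a sandbox that hides the hypervisor bit or rewrites the signature will report "bare metal" or "unknown", which is the point of the check from the defender's side: these are the values an analysis environment should spoof, and the values a detection rule can watch a sample query for.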
Forwarded from Br0wSec (Andrey Kovalev)
From mailto: to RCE is just one step!
A wonderful bug was found in MS Edge that allows links to execute commands via the wshfile: scheme: https://leucosite.com/Microsoft-Edge-RCE/
Leucosite - Edge RCE: (CVE-2018-8495) Chaining small bugs together to achieve RCE