Forwarded from UNDERCODE NEWS
IPA declares "10 major threats" to information security, which suddenly leads to an attack.
#CyberAttacks
Forwarded from UNDERCODE NEWS
Apple was once again the subject of an "iPhone speed-down door" class action suit in Europe.
#Technologies
Introduction to discovering and attacking IoT devices based on web attacks:
1. Discovery phase: Identify IoT devices
Use WebRTC to obtain a local IP address.
Send requests to all IP addresses in the IP range through port 81. Since port 81 is usually not occupied, an active device will immediately respond with a TCP RST packet. For inactive devices in the IP range, the request packet will time out.
Each active IP address found by the initial request then receives HTML5-based requests for 35 GET endpoints. Based on the error messages returned, the attack script identifies whether the IP address matches any of the seven devices.
The research project uses three different operating systems (Windows 10, macOS and Ubuntu) and four different browsers (Chrome, Firefox, Safari, Microsoft Edge). However, only two browsers, Chrome and Firefox, are suitable for this study. Safari and Edge are therefore not used, because according to (Web-based attacks on the discovery and control of local IoT devices):
On Safari, all FETCH requests timed out, causing the attack script to identify all IP addresses as inactive. On Edge, the script can use the FETCH request to correctly identify the active IP addresses, but Edge did not disclose the detailed HTML5 error messages, so the attack script could not identify any devices on Edge.
2. Access phase: Control IoT devices
The victim visits the domain name (domain.tld) controlled by the attacker, and the browser executes the malicious JavaScript code found on the attacker's site. The domain name still resolves to the attacker's server IP.
The malicious script requests another resource on domain.tld, which only exists on the attacker's server.
If the victim's local DNS cache still resolves to the attacker's remote IP, the request to /hello.php will return the string "hello" and step 2 is repeated.
But if the entry for domain.tld in the victim's cache has expired, a new DNS query will be sent to the attacker.
Finally, the local IP obtained in the discovery phase is returned instead of the attacker's remote IP. /hello.php will then respond not with the string "hello" but with different content, such as a 404 error, which tells the malicious script that the DNS rebinding attack has succeeded.
Through this attack, the malicious script bypasses the browser's Same-Origin Policy and gains access to the web application running on the device. Attackers can now perform restarts or start video/audio files on Google Chromecast, Google Home, smart TVs, and smart switch devices.
How to prevent DNS rebinding attacks against IoT devices
Researchers say that users, browser vendors, IoT vendors, and DNS providers need to take preventive measures to avoid DNS rebinding attacks. The following are some of the measures given by the study:
Users can disable WebRTC in the browser and prevent the disclosure of private IP addresses. The attacker will be able to discover the user's private IP by sending a request to all *.1 addresses (router addresses) in the private IP range.
The attacker assumes that all IoT devices are in the same IP range as the victim's PC. The user can configure the router's DHCP server to assign IP addresses on another subnet (such as /16).
Users can install dnsmasq to prevent DNS rebinding attacks by removing RFC 1918 addresses from DNS responses. Users can also use an OpenWRT router with dnsmasq.
IoT vendors can check the Host header in requests sent to the web interface. If it does not contain a private IP address that complies with RFC 1918, access can be blocked.
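The last two measures, sketched as an added example that is not part of the original post or the study: a resolver-side filter that removes RFC 1918 addresses from answers for public names, and a device-side Host header check. The function names, the `local_zones` parameter and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges: the addresses the post says to strip from DNS responses.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(value):
    """True if value parses as an IPv4 address inside an RFC 1918 range."""
    try:
        addr = ipaddress.IPv4Address(value)
    except ipaddress.AddressValueError:
        return False
    return any(addr in net for net in RFC1918)


def filter_dns_answers(qname, answers, local_zones=()):
    """Resolver side: drop private A records returned for public names.

    local_zones (hypothetical parameter) lists suffixes that are allowed
    to resolve to private addresses, e.g. the home network's own zone.
    """
    name = qname.rstrip(".").lower()
    if any(name == z or name.endswith("." + z) for z in local_zones):
        return list(answers)
    return [a for a in answers if not is_rfc1918(a)]


def host_header_allowed(host_header):
    """Device side: accept only a Host that is an RFC 1918 IP literal (optional port)."""
    if not host_header:
        return False
    value = host_header.strip()
    host, sep, port = value.rpartition(":")
    if not sep:                      # no port present
        host, port = value, ""
    if port and not port.isdigit():
        return False
    return is_rfc1918(host)


if __name__ == "__main__":
    # Constructed sample data: first lookup is public, the rebound one is private.
    print(filter_dns_answers("domain.tld", ["203.0.113.10"]))   # kept
    print(filter_dns_answers("domain.tld", ["192.168.1.20"]))   # stripped
    print(host_header_allowed("domain.tld"))                    # rejected
    print(host_header_allowed("192.168.1.20:8080"))             # accepted
```

In dnsmasq itself the resolver-side behaviour is enabled with the `stop-dns-rebind` option.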
Forwarded from UNDERCODE NEWS
Intel launched its first discrete graphics card in several years, with high incompatibility issues.
#Technologies
Forwarded from UNDERCODE NEWS
In searches relating to the Jewish genocide, Facebook will display "authoritative sources"
#International
Forwarded from DailyCVE
New termux bug in any services scripts using svlogger:
(DC: 266-2021)
https://dailycve.com/new-termux-bug-any-services-scripts-using-svlogger
New release for the Universal Radio Hacker (URH)
URH is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios. URH allows easy demodulation of signals combined with an automatic detection of modulation parameters, making it a breeze to identify the bits and bytes that fly over the air. As data often gets encoded before transmission, URH offers customizable decodings to crack even sophisticated encodings like CC1101 data whitening. When it comes to protocol reverse-engineering, URH is helpful in two ways. You can either manually assign protocol fields and message types or let URH automatically infer protocol fields with a rule-based intelligence. Finally, URH entails a fuzzing component aimed at stateless protocols and a simulation environment for stateful attacks.
and Windows compatibility improvements
> checkout: https://github.com/jopohl/urh
Each link is now marked to show whether the code for the CVE is available or not (on dailycve.com).
Using Chaos Engineering tools to test the reliability and availability of systems in production:
Chaos Engineering advantages:
Monitor lost income by detecting critical issues
Reducing the number of system or application failures
Better user experience with fewer disruptions and high service availability
This will help you learn about the system and gain confidence.
How confident are you in the reliability of your sales?
Let's find out with the following popular chaos testing tools.
Chaos Mesh
Chaos Mesh is a chaos test management solution that introduces bugs at every level of the Kubernetes system.
This includes pods, networking, system I/O, and the kernel.
Chaos Mesh can automatically kill Kubernetes pods by simulating latency.
It can disrupt communication between pods and simulate read/write errors.
It can plan the rules for experiments and determine their scope.
These experiments are specified using YAML files.
Chaos Mesh has a toolbar for viewing experiment analytics.
It runs on top of Kubernetes and supports most cloud platforms.
It is an open source project that was recently adopted as a CNCF sandbox project.
You can add Chaos Mesh to your DevOps workflow to build resilient applications using chaos engineering principles.
Chaos Mesh Features:
Easily deployed to Kubernetes clusters without changing the deployment logic
No unique dependencies required for deployment
Defines chaos objects using CustomResourceDefinitions (CRD)
Provides a dashboard for keeping track of all experiments
» https://github.com/chaos-mesh/chaos-mesh
Forwarded from DailyCVE
Python buffer error vulnerability:
(DC: 268-2021)
https://dailycve.com/python-buffer-error-vulnerability
Details:
Python is the Python Foundation's open source, object-oriented programming language. The language is extensible, plugins and kits are supported, and various formats are supported. There is a buffer error flaw in Python 3.x to 3.9.1, which…
Forwarded from UNDERCODE NEWS
To boost production capacity Intel spends an extra US$475 million in the Vietnam plant.
#Technologies
Data Structures Concepts & Singly Linked List Implementation: free course, 4.4 rating!
You will learn :
Understand the concept of linked list
Implementation of Linked operations using C programming language
Basics of data structures
Visualize how different data structures work
>https://www.udemy.com/course/data-structures-in-c/
Forwarded from DailyCVE
Clustered Data ONTAP security vulnerabilities:
(DC: 269-2021)
https://dailycve.com/clustered-data-ontap-security-vulnerabilities
Details:
Netapp Distributed Data ONTAP is a collection of NetApp (Netapp) database operating systems used in the United States in cluster mode. Versions of Clustered Data ONTAP prior to 9.3P20 and 9.5 include a security flaw that enables arbitrary data…
Forwarded from DailyCVE
ZOHO ManageEngine Applications Manager SQL injection vulnerability:
(DC: 270-2021)
https://dailycve.com/zoho-manageengine-applications-manager-sql-injection-vulnerability
Details:
ZOHO ManageEngine Applications Manager is a suite of tools from ZOHO for IT service and maintenance management. The product has functions such as output management of the program, fault management, production of reports and management of SLA.…
Forwarded from UNDERCODE NEWS
Biden ordered the procurement of cars that use carbon-free power for renewable energy.
#Technologies
Forwarded from UNDERCODE NEWS