recentpopularlog in

vulnerability

« earlier   
Hackers Made an App That Kills to Prove a Point | WIRED, Jul 2019
"... yet months of negotiations with Medtronic and regulators to implement a fix proved fruitless. So the researchers resorted to drastic measures. They built an Android app that could use the flaws to kill people."

"The researchers, who also include Jesse Young and Carl Schuett, say they found it easy to reverse engineer the simple encoding and validity checks meant to protect the signal, enabling an attacker to capture the fob's commands. A hacker could then use readily available, open source software to program a radio that masquerades as a legitimate MiniMed remote, and send commands that the pumps will trust and execute. After establishing that initial contact, hackers can then control that radio through a simple smartphone app to launch attacks"

"Both Medtronic and regulators acknowledge that there is no way to patch the flaws on the affected insulin pump models, or to completely disable the remote feature. "

"Rios says the research group demonstrated its proof of concept app to FDA officials in mid-June of this year; Medtronic announced its voluntary recall program a week later. "
hacking  security  cyber-spectrum  Wired  Medtronic  vulnerability 
4 days ago by pierredv
Osmedeus - Security scanning
Fully automated offensive security framework for reconnaissance and vulnerability scanning
security  vulnerability  python  programming  scanner 
6 days ago by garrettc
CVE security vulnerability database. Security vulnerabilities, exploits, references and more
CVEdetails.com is a free CVE security vulnerability database/information source. You can view CVE vulnerability details, exploits, references, metasploit modules, full list of vulnerable products and cvss score reports and vulnerability trends over time
cve  database  security  sysadmin  vulnerability  Bookmarks_bar  computer  devops  hacking  InfoSec 
9 days ago by concinno
Checking if Apple’s Zoom remediation update has been installed on your Mac | Der Flounder
So yes, there was an RCE in the hidden zoom web server (CVE-2019-13567).

Apple has moved quickly and released an update to MRT (Malware Removal Tool) which addresses the issue by removing the local webserver. This update has the following version number:

1.45.1.1562731315

The installer package receipt associated with it is the following:

com.apple.pkg.MRTConfigData_10_14.16U4071

To verify that you have this installed, here’s a one-line command to check for the latest installed MRT installer package:

printf "%s\n" $(pkgutil --pkgs=".*MRT.*") | sort -k1 | tail -1

To verify that com.apple.pkg.MRTConfigData_10_14.16U4071 does install 1.45.1.1562731315, here’s a one-line command to get the version number from the latest installed MRT installer package receipt:

pkgutil --pkg-info-plist $(printf "%s\n" $(pkgutil --pkgs=".*MRT.*") | sort -k1 | tail -1) | plutil -extract pkg-version xml1 - -o - | xmllint --xpath 'string(//plist/string)' -

check_latest_Xprotect_Gatekeeper_MRT_update.sh
```
#!/bin/bash

VersionAndInstallDate(){

identify_latest_update=$(printf "%s\n" $(pkgutil --pkgs=".*"$package_type".*") | sort -k1 | tail -1)

version_info=$(pkgutil --pkg-info-plist "$identify_latest_update" | plutil -extract pkg-version xml1 - -o - | xmllint --xpath 'string(//plist/string)' -)

# Read install date and translate it into human-readable output

install_date_info=$(/bin/date -r $(pkgutil --pkg-info-plist "$identify_latest_update" | plutil -extract install-time xml1 - -o - | xmllint --xpath 'string(//plist/integer)' - ) '+%m-%d-%Y')

echo "$package_type version: $version_info"
echo "$package_type installation date: $install_date_info"
echo "$package_type package receipt identifier: $identify_latest_update"
}

package_type="Gatekeeper"
VersionAndInstallDate
echo ""
package_type="MRT"
VersionAndInstallDate
echo ""
package_type="XProtect"
VersionAndInstallDate
```
apple  macos  antivirus  exploit  vulnerability  security  tool 
10 days ago by some_hren
Apple has pushed a silent Mac update to remove hidden Zoom web server • TechCrunch
Zack Whittaker:
<p>Apple has released a silent update for Mac users removing a vulnerable component in Zoom, the popular video conferencing app, which allowed websites to automatically add a user to a video call without their permission.

The Cupertino, Calif.-based tech giant told TechCrunch that the update — now released — removes the hidden web server, which Zoom quietly installed on users’ Macs when they installed the app.

Apple said the update does not require any user interaction and is deployed automatically.

The video conferencing giant took flack from users following a public vulnerability disclosure on Monday by Jonathan Leitschuh, in which he described how “any website [could] forcibly join a user to a Zoom call, with their video camera activated, without the user’s permission.” The undocumented web server remained installed even if a user uninstalled Zoom. Leitschuh said this allowed Zoom to reinstall the app without requiring any user interaction…

…The update will now prompt users if they want to open the app, whereas before it would open automatically.</p>
apple  mac  zoom  hacking  vulnerability 
10 days ago by charlesarthur
Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping • TechCrunch
Matthew Panzarino:
<p>Apple has disabled the Apple Watch Walkie Talkie app due to an unspecified vulnerability that could allow a person to listen to another customer’s iPhone without consent, the company told TechCrunch this evening.

Apple has apologized for the bug and for the inconvenience of being unable to use the feature while a fix is made.

The Walkie Talkie app on Apple Watch allows two users who have accepted an invite from each other to receive audio chats via a “push to talk” interface reminiscent of the PTT buttons on older cell phones.</p>


People use the Walkie Talkie app? Amazing.
apple  watch  security  vulnerability  hacking 
11 days ago by charlesarthur
Serious Zoom security flaw could let websites hijack Mac cameras - The Verge, Jul 2019
"Today, security researcher Jonathan Leitschuh has publicly disclosed a serious zero-day vulnerability for the Zoom video conferencing app on Macs. He has demonstrated that any website can open up a video-enabled call on a Mac with the Zoom app installed. That’s possible in part because the Zoom app apparently installs a web server on Macs that accepts requests regular browsers wouldn’t. In fact, if you uninstall Zoom, that web server persists and can reinstall Zoom without your intervention."
TheVerge  cybersecurity  hacking  vulnerability  Zoom  Mac 
11 days ago by pierredv
The lifetime of an Android API vulnerability • Light Blue Touchpaper
Daniel Carter, Daniel Thomas, and Alastair Beresford:
<p>The specific vulnerability (CVE-2012-6636) affected Android devices and allowed JavaScript running inside a WebView of an app (e.g. an advert) to run arbitrary code inside the app itself, with all the permissions of app. The vulnerability could be exploited remotely by an attacker who bought ads which supported JavaScript. In addition, since most ads at the time were served over HTTP, the vulnerability could also be exploited if an attacker controlled a network used by the Android device (e.g. WiFi in a coffee shop). The fix required both the Android operating system, and all apps installed on the handset, to support at least Android API Level 17. Thus, the deployment of an effective solution for users was especially challenging.

When we published our paper in 2015, we predicted that this vulnerability would not be patched on 95% of devices in the Android ecosystem until January 2018 (plus or minus a standard deviation of 1.23 years). Since this date has now passed, we decided to check whether our prediction was correct.</p>


LBT is the security team at Cambridge University's computer lab. This vulnerability seems quite serious, doesn't it? Took a while - as in years - to get fixed, though.
android  vulnerability  api 
11 days ago by charlesarthur

Copy this bookmark:





to read