Thursday, November 10, 2016

Dirty Cow

Hey all,
Two years ago I’m sure you’ve all heard about ShellShock – a remote code execution exploit in bash that existed for about 25 years until discovered.

Three weeks ago a new vulnerability, known as Dirty Cow (or CVE-2016-5195 if you insist), was discovered.
This exploit allows local privilege escalation on almost all Linux distributions and kernels as the vulnerable code existed since 2007 (from kernel version 2.6.22 and even 2.6.18 for some distributions).

While this is only a privilege escalation vulnerability, there are already reports of users gaining limited access to servers and using this vulnerability to escalate their privileges.
In fact, the exploit became public as a security researcher observed the exploit in a pcap file.

Organizations are kindly requested to upgrade their kernel version.

BTW,
This exploit can also be used to root your Android device (https://github.com/timwr/CVE-2016-5195)

Stay tuned for more updates.
Dan Gurfinkel
Head of Offensive Security & Response Unit

posted by Unknown @ 3:17 PM  

Wednesday, November 9, 2016

New DDoS Attack in Finland

Hey all,
I’m sure that most of you are aware about the danger of a DDoS attack.
Having your systems not available for your customers can cause financial damages and reputational damages to your organization.
A DDoS attack can even target an entire country, as we see nowadays with a Mirai botnet targeting the entire internet infrastructure of Liberia.

But, when it comes to DDoS, nobody said anything about damage to human lives. Until now.
Last week a DDoS attack in Finland targeted a heating system in the city of Lappeenranta, Finland. As a result, the heating systems were not working for more than a week.

The attack was short in time, but caused the heating system to enter an endless restart loop, therefore preventing the residents of two blocks in the town to heat their apartment.
Luckily, it’s “only” -6 degrees now in Lappeenranta, so no one lost their life, but think of the damage had the attack been engaged on January or February.

Here are all the details:
http://thehackernews.com/2016/11/heating-system-hacked.html

BTW,
The water was system was not functioning as well for a week. Now think about taking a shower in -6 degrees the next time your boiler breaks.

Stay tuned for more updates,
Dan Gurfinkel
Head of Offensive Security & Response Unit

posted by Unknown @ 7:30 PM