Cisco patches high and critical flaws across several products

Read Time:27 Second

Cisco fixed serious vulnerabilities across several of its products this week, including in its Industrial Network Director, Modeling Labs, ASR 5000 Series Routers, and BroadWorks Network Server. The flaws can lead to administrative command injection, authentication bypass, remote privilege escalation and denial of service.

The Cisco Industrial Network Director (IND), a network monitoring and management server for operational technology (OT) networks, received patches for two vulnerabilities rated critical and medium respectively. These were fixed in version 1.11.3 of the software.

To read this article in full, please click here

Read More

Iran cyberespionage group taps SimpleHelp for persistence on victim devices

Read Time:22 Second

Iranian APT hacking group MuddyWater has been observed using SimpleHelp, a legitimate remote device control and management tool, to ensure persistence on victim devices. 

SimpleHelp itself, as used by the threat actors, has not been compromised — instead, the group has found a way to download the tool from the official website and use it in their attacks, according to a Group-IB blog post.

To read this article in full, please click here

Read More

Checking existence of firewalled URLs via javascript’s script.onload

Read Time:21 Second

Posted by Georgi Guninski on Apr 21

There is minor information disclosure vulnerability similar
to nmap in browser.

It is possible to check the existence of firewalled URL U via
the following javascript in a browser:

<script src=”U”
onload=”alert(‘Exists’)”
onerror=”alert(‘Does not exist’)”>

This might have privacy implication on potentially
“semi-blind CSRF” (XXX does this makes sense?).

Works for me in…

Read More

Checking existence of firewalled web servers in Firefox via iframe.onload

Read Time:23 Second

Posted by Georgi Guninski on Apr 21

In short in Firefox 112, it is possible to check existence
of firewalled web servers. This doesn’t work in Chrome and Chromium 112
for me.

If user A has tcp connection to web server B, then in the
following html:

<iframe src=”http://B&quot; onload=”load()” onerror=”alert(‘error’)” id=”i1″ />

the javascript function load() will get executed if B serves
valid document to A’s browser…

Read More

Hacking Pickleball

Read Time:2 Minute, 13 Second

My latest book, A Hacker’s Mind, has a lot of sports stories. Sports are filled with hacks, as players look for every possible advantage that doesn’t explicitly break the rules. Here’s an example from pickleball, which nicely explains the dilemma between hacking as a subversion and hacking as innovation:

Some might consider these actions cheating, while the acting player would argue that there was no rule that said the action couldn’t be performed. So, how do we address these situations, and close those loopholes? We make new rules that specifically address the loophole action. And the rules book gets longer, and the cycle continues with new loopholes identified, and new rules to prohibit that particular action in the future.

Alternatively, sometimes an action taken as a result of an identified loophole which is not deemed as harmful to the integrity of the game or sportsmanship, becomes part of the game. Ernie Perry found a loophole, and his shot, appropriately named the “Ernie shot,” became part of the game. He realized that by jumping completely over the corner of the NVZ, without breaking any of the NVZ rules, he could volley the ball, making contact closer to the net, usually surprising the opponent, and often winning the rally with an un-returnable shot. He found a loophole, and in this case, it became a very popular and exciting shot to execute and to watch!

I don’t understand pickleball at all, so that explanation doesn’t make a lot of sense to me. (I watched a video explaining the shot; that helped somewhat.) But it looks like an excellent example.

The blog post also links to a 2010 paper that I wish I’d known about when I was writing my book: “Loophole ethics in sports,” by Øyvind Kvalnes and Liv Birgitte Hemmestad:

Abstract: Ethical challenges in sports occur when the practitioners are caught between the will to win and the overall task of staying within the realm of acceptable values and virtues. One way to prepare for these challenges is to formulate comprehensive and specific rules of acceptable conduct. In this paper we will draw attention to one serious problem with such a rule-based approach. It may inadvertently encourage what we will call loophole ethics, an attitude where every action that is not explicitly defined as wrong, will be seen as a viable option. Detailed codes of conduct leave little room for personal judgement, and instead promote a loophole mentality. We argue that loophole ethics can be avoided by operating with only a limited set of general principles, thus leaving more space for personal judgement and wisdom.

Read More

webkitgtk-2.40.1-1.fc37

Read Time:48 Second

FEDORA-2023-a4bbf02a57

Packages in this update:

webkitgtk-2.40.1-1.fc37

Update description:

The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still recommended, but optional.
Adjust the scrolling speed for mouse wheels to make it feel more natural.
Allow pasting content using the Asynchronous Clipboard API when the origin is the same as the clipboard contents.
Improvements to the GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking.
Make all supported image types appear in the Accept HTTP header.
Fix text caret blinking when blinking is disabled in the GTK settings.
Fix default database quota size definition.
Fix application of all caps tags listed in the font-feature-settings CSS property.
Fix font height calculations for the font-size-adjust CSS property.
Fix several crashes and rendering issues.
Security fixes: CVE-2022-0108, CVE-2022-32885, CVE-2023-25358, CVE-2023-27932, CVE-2023-27954, CVE-2023-28205

Read More