Search Results for “Mohit Kumar”


July 25, 2019
Mohit Kumar / The Hacker News

Mohit Kumar / The Hacker News  
Cyxtera-Owned U.S. Firm Immunity Is Now Selling an Exploit for BlueKeep Flaw

Cybersecurity firm Immunity released an updated version of its commercial automated vulnerability assessment and penetration testing (VAPT) tool, CANVAS 7.23, which includes a new module for the BlueKeep RDP exploit (CVE-2019-0708), producing a rare public proof-of-concept (PoC) exploit that takes advantage of the Windows RDP server vulnerability. Security researcher Kevin Beaumont, who gave BlueKeep its name, flagged the sale of the exploit. Miami, Fl-based Immunity was formerly owned by ex-NSA hacker Dave Aitel, and was sold to Cyxtera Technologies in January.

Related: Computing.co.uk, IT Wire, Vimeo

Tweets:@immunityinc @GossitheDog @GossitheDog @campuscodi


October 10, 2019
Mohit Kumar / The Hacker News

Mohit Kumar / The Hacker News  
Seven-Year-Old Critical RCE Flaw Found and Patched in iTerm2 macOS Terminal Emulator App

A seven-year-old critical remote code execution vulnerability tracked as CVE-2019-9535 has been discovered in iTerm2 macOS terminal emulator app, a popular open-source replacement for Mac’s built-in terminal app. An independent security audit funded by the Mozilla Open Source Support Program (MOSS) and conducted by cybersecurity firm Radically Open Security (ROS) found the flaw.  According to Mozilla, the vulnerability resides in the tmux integration feature of iTerm2, which, if exploited, could allow an attacker to execute arbitrary commands by providing malicious output to the terminal. The flaw can also be triggered using command-line utilities by tricking them into printing attacker-controlled content, eventually allowing attackers to execute arbitrary commands on the user’s Mac computer. The vulnerability affects iTerm2 versions up to and including 3.3.5 and was patched with the release of iTerm2 3.3.6.

Related: Security Week, US-CERT Current Activity, IT World, CERT Recently Published Vulnerability Notes, Mozilla Security Blog, Related: Security Affairs, The Register – Security, BleepingComputer.com, Help Net Security

Tweets:@TomRittervg


October 15, 2019
Mohit Kumar / The Hacker News

Mohit Kumar / The Hacker News  
Sudo Security Policy Bypass Issue Could Allow a Malicious User to Execute Commands as Root Even If Configuration Specifically Disallows It

A new vulnerability in Sudo,  a core command installed on almost every UNIX and Linux-based operating system, could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the “sudoers configuration” explicitly disallows the root access. The flaw, tracked as CVE-2019-14287 and discovered by Joe Vennix of Apple Information Security, is a sudo security policy bypass issue and allows a user with sufficient Sudo privileges to run commands as root even if an administrator has not granted them full root privileges. The vulnerability affects all Sudo versions before the latest released version 1.8.28. Linux users are advised to update to this latest version as soon as possible.

April 2, 2019
Mohit Kumar / The Hacker News

Mohit Kumar / The Hacker News  
Two Still-Unpatched Zero-Day Vulnerabilities In Microsoft’s Internet Explorer and Edge Browsers Can Allow Attackers to Steal Users’ Confidential Data

Two unpatched zero-day vulnerabilities, one of which affects the latest version of Microsoft Internet Explorer and another affects the latest Edge Browser, allow a remote attacker to bypass same-origin policy on victims’ web browsers and potentially steal their confidential data, security researcher James Lee discovered. Same origin policy is a security feature implemented in modern browsers that restricts a web-page or a script loaded from one origin to interact with a resource from another origin. A flaw in these browsers, called an origin validation error (CWE-346), allows JavaScript embedded in a malicious web page to gather information about other web pages the user has visited. Lee contacted Microsoft about the flaw ten months ago but the company has ignored the issues he raised so Lee released a proof-of-concept for each browser vulnerability.

April 13, 2019
Mohit Kumar / The Hacker News

Mohit Kumar / The Hacker News  
Encrypted Communications Project Matrix Suffered Massive Cyber Attack Forcing Temporary Shut-Down and User Log-Outs

Matrix, the open source project that offers a protocol for self-hosted secure and decentralized real-time communications, including instant messages, VoIP and IoT communications, suffered a massive cyber attack after unknown attackers gained access to the servers hosting its official website and data. The attackers defaced Matrix’s website and stole unencrypted private messages, password hashes, access tokens, as well as GPG keys the project maintainers used for signing packages, forcing the organization to temporarily shut down its entire infrastructure and log all users out of Matrix.org. The Matrix Project said that unknown attackers exploited a sandbox bypass vulnerability in its production infrastructure on 4th April that was running on an outdated, vulnerable version of Jenkins automation server. After being informed by ethical hacker Jaikey Sarraf of the vulnerability, Matrix removed the vulnerable Jenkins server as well as revoked the attacker’s access from its servers on April 10th.

July 15, 2019
Mohit Kumar / The Hacker News

Mohit Kumar / The Hacker News  
Instagram Pays Bug Bounty Hunter $30,000 for Finding Critical Vulnerability That Could Allow Attackers to Hack Any Instagram Account Within Ten Minutes

Facebook-owned photo-sharing service Instagram has recently patched a critical vulnerability that could have allowed hackers to compromise any account without requiring any interaction from the targeted users, Indian bug bounty hunter Laxman Muthiyah discovered. The flaw resided in the password recovery mechanism implemented by the mobile version of Instagram, the rate-limiting feature of which can be bypassed within 10 minutes by sending brute force requests from different IP addresses and sending concurrent requests to process multiple attempts simultaneously. Instagram rewarded Laxman with a $30,000 bounty under its bug bounty program for discovering the flaw.

Related: SecurityWeek, TechNadu, HOTforSecurity, Graham Cluley, Security Affairs, The Zero Hack

Tweets:@Swati_THN @gcluley