writing.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
A small, intentional community for poets, authors, and every kind of writer.


#vulnerabilities

4 posts · 4 participants · 0 posts today

#China Cyber Espionage Group #UNC3886 Backdoored #Juniper Routers
UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected.
#JuniperMX routers running outdated hardware and software, using EOL configurations, were easier targets due to #vulnerabilities in their security systems. The #malware leveraged Junos OS’s Veriexec, a file integrity monitor, to avoid detection.
hackread.com/chinese-group-unc

Chinese Cyber Espionage Group UNC3886 Backdoors Juniper Routers
Hackread · Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers

Threat posed by new #VMware #hyperjacking #vulnerabilities is hard to overstate

3 critical vulnerabilities in multiple #VM products from VMware can give hackers unusually broad access to some of the most sensitive environments inside multiple customers’ networks, the company warned Tuesday.

The class of #attack made possible by #exploiting the vulnerabilities is known under several names, including hyperjacking, hypervisor attack, or virtual machine escape.
#security

arstechnica.com/security/2025/

Ars Technica · VMware patches 3 critical vulnerabilities in multiple product lines, by Dan Goodin

The Key to COMpromise, Writing to the Registry (again), Part 4

In joint research between cirosec and Neodyme, several vulnerabilities were found in Antivirus (AV) and Endpoint Detection and Response (EDR) products that could, in theory, allow privilege escalation to SYSTEM on millions of devices, assuming initial access was gained.

In this final part of our series on COM hijacking, we will examine a custom-named pipe IPC protocol implemented by Bitdefender Total Security and detail our approach to reverse engineering it. We will explore how we could use COM hijacking and this custom communication to gain SYSTEM privileges (CVE-2023-6154). Additionally, we will examine how to mitigate the vulnerabilities discussed throughout this series of blog posts. Lastly, we will demonstrate how COM hijacking can be exploited to perform a Denial-of-Service (DoS) attack on security products.

Find out more on our website at cirosec.de/en/news/the-key-to-.


@thomasbosboom : under Android there is a real risk that you lose all of your passkeys, or that they do not sync to another device.

Under iOS and iPadOS there are circumstances in which someone who gets hold of an unlocked iPhone or iPad (such as a thief who snatches the device out of your hands while you are using it) can use your iCloud passwords and passkeys with 0FA.

infosec.exchange/@ErikvanStrat

All "wontfix" according to Apple/Google and the Chromium team.

@roman78

Infosec Exchange · Erik van Straten (@ErikvanStraten@infosec.exchange) · Attached: 1 image

@ryanrowcliffe : thanks for your kind response. I fully agree that having software (instead of the user) check the website name (domain name) before submitting *any* credentials is a perfect solution for most of the "fake site" attacks (except https://infosec.exchange/@ErikvanStraten/112914047006977222). Unfortunately passkey implementations are insufficiently mature for the masses (I'm not talking about my *personal* situation). And I do like passkeys, but they must work flawlessly before I'm going to advise anyone to use them. People who never used a pw manager will *not* install one to use passkeys. On their tablets and smartphones (market share increasing) they'll use Apple's or Google's.

During my research I found at least three ways to fully unexpectedly lose access to part or all of one's Android passkeys:

1) The inexplicable and fearsome Android screen reading "Your encrypted data is locked on this device" (Google it or see https://infosec.exchange/@ErikvanStraten/113730072998238596) when trying to use passkeys. This is a long-time bug that, afaik, has not been fixed.

2) For privacy reasons, setting up a passphrase for Chrome sync is a good idea. However, if you ever want to change or remove that passphrase, Google directs you to the bottom of https://chrome.google.com/sync (see the screenshot below). Tapping "Delete data" will delete ALL of your passkeys (on all your Android devices) without warning. Note: this text notably is the "fix" made by Adam Langley in response to my post to https://seclists.org/fulldisclosure/2024/Feb/15 (after wasting a long time after my bug reports to the Google and Chrome team): before it read "This won't delete any data from your devices". Note: it appears to be a misconception that passkeys are synced from your device(s) to the cloud. They're cloud-based and sync to your devices. Google stores the encryption keys and, afaik, generates them on their servers. Furthermore, bug solving is hampered by the fact that both Google and (separate) Chrome teams have to handle them.

3) If you have more than one Android device, you may run into the situation where your passkeys' private keys are encrypted using *different* encryption keys. They will sync fine to other devices, but are unusable on them (see my FD post). I've not tested this for quite some time, so this issue may have been fixed (if Google did, they didn't bother to notify me).

Google online help is horrific: https://infosec.exchange/@ErikvanStraten/113730722652512878.

Edited 12:10 UTC to add: a somewhat acceptable translation from Dutch to English of my writeup "Passkeys for laymen" can be seen by opening https://www-security-nl.translate.goog/posting/798699/Passkeys+voor+leken?_x_tr_sl=nl&_x_tr_tl=en&_x_tr_hl=nl (it appears to work in Chrome, looks like a phishing link and has a certificate with a zillion different domain names 🤔). The original article, in Dutch, can be seen at https://www.security.nl/posting/798699/Passkeys+voor+leken. 🧵1/2 @agl #Passkeys #Immature #ImplementationFlaws

Vulnerability Report – January 2025

With significant improvements in gathering sightings and vulnerability information in recent weeks, vulnerability-lookup has become a great resource for automatically generating vulnerability threat landscape reports.

The tooling is open source, and you can reuse it, extend it to add your own sources or sightings, or improve it.

We have many ideas for the vulnerability-lookup project, and we welcome new contributors.

#cve #opensource #threatintelligence #threatintel #vulnerability #vulnerabilities #fosdem #fosdem2025 #fosdem25

🔗 Report vulnerability-lookup.org/2025/
🔗 Open source code github.com/vulnerability-looku
🔗 Online version vulnerability.circl.lu/
🔗 GitHub org github.com/vulnerability-lookup

The project team will also be present at hackathon.lu (April 8th and 9th, 2025 in Luxembourg): hackathon.lu/projects/#vulnera

@circl @cedric

The Key to COMpromise - Abusing a TOCTOU race to gain SYSTEM, Part 2

In joint research between cirosec and Neodyme, several vulnerabilities were found in Antivirus (AV) and Endpoint Detection and Response (EDR) products that could, in theory, allow privilege escalation to SYSTEM on millions of devices, assuming initial access was gained.

In part two of this blog series, we demonstrate how COM hijacking was leveraged to gain SYSTEM privileges by exploiting AVG Internet Security (CVE-2024-6510).

Find out more on our website at cirosec.de/en/news/the-key-to-.

In the face of evolving #CyberSecurity threats, including challenges to critical infrastructure like #SCADA systems, it’s never been more essential to master the fundamentals. The true power lies not in memorization but in understanding where to look, how to reason through problems, and leveraging tools, including #AI, to combat today’s sophisticated #vulnerabilities and #threats.

As attackers innovate, targeting everything from industrial control systems to cloud environments, we must focus on core skills like #Assembler in x64 and ARM. These foundations are critical for dissecting malware, hardening systems, and responding to breaches.

Adaptability, curiosity, and a commitment to continuous learning are our best defenses. Let’s rise to the challenge, sharpen our tools, and secure the future. The cyber battlefield is dynamic—our preparation must be, too.