Wild exploitation of SAP business application

On May 11, 2016, US-CERT released an alert about a vulnerability in SAP business applications. This vulnerability was first identified back in 2010, and a patch was released at the same time. The vulnerability was being leveraged to exploit the SAP systems of many huge organizations.

The question arises: if this vulnerability was patched five years ago, why release an alert again?

To answer that question, we have to refer to a research report from Onapsis, which indicates exploitation of the same vulnerability in the SAP systems of over 36 organizations. The report indicates misuse of the Invoker Servlet, a built-in functionality of the SAP Java platform. The prime reason for the exploitation was that SAP systems were still outdated or misconfigured, which led to the abuse of this vulnerability.

Are you safe from DROWN attack ?

DROWN stands for "Decrypting RSA with Obsolete and Weakened Encryption." You should not panic about the DROWN attack, but treating the vulnerability is necessary for affected applications. It is a serious vulnerability and affects HTTPS, which relies on SSL and TLS. Everyone on the Internet uses these protocols to browse the web, use email and send instant messages without third parties being able to read the communication. This attack allows an attacker to read or even steal sensitive communications, which may include passwords, credit card information, trade secrets, etc., by breaking the encryption.

The attack is not insignificant and can be launched against high-value targets. Before you strive for its remediation, you should first determine whether your systems are vulnerable. Fortunately, its remediation is very simple and straightforward: just disable SSLv2 on all your servers.

WhatsApp Users Vulnerable to vCard Vulnerability

WhatsApp recently claimed to have hit 900 million monthly active users, but a dangerous security flaw in the web version of the popular instant messaging app puts up to 200 million of its users at risk.
Yes, the web-based extension of WhatsApp is vulnerable to an exploit that could allow hackers to trick users into downloading malware on their computers in a new and more sophisticated way.
WhatsApp made its web client, WhatsApp Web, available to iPhone users just last month, after first rolling out its web-based instant messaging service for Android, Windows and BlackBerry Phone earlier in the year.

A New Attack Vector - Cross Site Flashing

Flash applications are used all around the web. These applications can be very complex and insecure. There is no real awareness about Flash security.

What fascinates me enough to write this article is the name, i.e. Cross Site Flashing, similar to Cross Site Scripting.

Cross Site Flashing is an incredibly common vulnerability. It occurs when Flash content embedded inside a web application tries to load Flash content from another domain based on the user’s input without any validation.

Vulnerability that can lead victim to an Accident

This is the Future of 'Internet of Things'

‘UConnect’ is an infotainment system that brings interactive ability to the in-car radio and telemetric-like controls to car settings.

A vulnerability has been identified which, on being exploited, can really mess with your car controls. A group of vulnerability researchers has demonstrated how to remotely hack such a system while sitting in a room miles away.

A vulnerable element in the UConnect device lets anyone who knows the car’s IP address gain access from anywhere via the Sprint cellular connection used by UConnect. First, the hacker is able to rewrite the car’s head unit firmware to implant malicious code, which is capable of sending custom commands through the CAN bus, the car’s internal computer network, to physical components like the engine and wheels.

Vulnerability Management - Step 0

Compliance is critical, necessary and not evil. Every organization wants to meet compliance requirements, and doing risk assessments and vulnerability management is key to achieving critical requirements.

Most of the time, organizations just see Vulnerability Management as another checkbox in pursuit of compliance and forget or ignore many different aspects, or they don’t have concrete foundations to carry out a well-drilled and well-oiled Vulnerability Management process, and the process gets complicated or fails midway. Our job is to make the process as smooth as possible, and sometimes it is better to start at step 0.

libuser - Library Vulnerability in Red Hat 6 and 7

Red Hat has recently patched two vulnerabilities related to the libuser library, which could be exploited by an attacker to escalate privileges to root. libuser is a library that provides read and write access to files like /etc/passwd, which constitute the system user and group database. Researchers at the security firm Qualys discovered this vulnerability. The vulnerability affects all versions of the libuser library included in RHEL 6 and 7. System administrators can apply updates from the operating system vendor to address this vulnerability.

Cross-Site Scripting - Expounded

Cross Site Scripting

Through this article I would like to explain more about Cross-Site Scripting. For this, I will introduce two imaginary characters, Peter and Bob – Peter is a Network Security Engineer and Bob an Information Security Engineer. I will take you through one of their discussions about Information Security.

Peter – Hey Bob, what's up? How was last week? I was very busy last week. How's it going?

Bob – Hey Peter, nothing much. Last week it was hectic. Was working on one presentation about Cross-site scripting. There were some new joiners in my team. So my manager wanted me to give some presentation on it and I was working with that.

Peter – Ohh.. Great.. So, some new learning. Can you explain something more about it to me?

Bob – Sure, so tell me where to start?

Peter – We will start with the basics of Cross-Site scripting?

Classifying vulnerabilities into specific types

Classifying vulnerabilities

If anybody asks you to classify vulnerabilities, the first thing that comes to mind is to mark them as High, Medium, and Low. At least that is what the majority of security engineers would answer.
Recently, while responding to an RFP, we came across an interesting section of the RFP where it asked for our process to identify new classes of vulnerability. As our vulnerability assessment and penetration testing service is a combination of automated and manual verification techniques, we had to think of ways to bring this simple but tactical ask into our response.
