InfoSec Week 26, 2018
Posted
A reverse shell connection is possible from an OpenVPN configuration file. So be cautious and treat ovpn files like shell scripts.
https://medium.com/tenable-techblog/reverse-shell-from-an-openvpn-configuration-file-73fd8b1d38da
Mozilla integrates Troy Hunts’ Have I Been Pwned (HIBP) database of breached passwords into Firefox. They will make breach data searchable via a new tool called Firefox Monitor.
https://www.troyhunt.com/were-baking-have-i-been-pwned-into-firefox-and-1password/
The suspected ringleader behind the well known Carbanak malware is under arrest, but of course, his malware attacks live on.
https://www.bloomberg.com/news/features/2018-06-25/the-biggest-digital-heist-in-history-isn-t-over-yet
It is possible to attack resources in the private network from the Internet with DNS rebinding attack.
“Following the wrong link could allow remote attackers to control your WiFi router, Google Home, Roku, Sonos speakers, home thermostats and more.”
https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325
Wi-Fi Alliance Introduces Wi-Fi Certified WPA3 Security. Again with a questionable cryptography, but we will see. That’s how industrial alliances with expensive membership works.
https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-introduces-wi-fi-certified-wpa3-security
IETF published draft of Issues and requirements for Server Name Indication (SNI) encryption in TLS.
The draft lists known attacks against SNI encryption, discusses the current “co-tenancy fronting” solution, and presents requirements for future TLS layer solutions.
https://tools.ietf.org/html/draft-ietf-tls-sni-encryption-03
The unpatched WordPress vulnerability allows code execution for authors. Exploiting the vulnerability grants an attacker the capability to delete any file of the WordPress installation or any other file the PHP process user has the proper permissions to delete.
https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
Researchers identified three attack vectors against LTE (Long-Term Evolution, basically 4G) on layer 2 - an active attack to redirect network packets, a passive identity mapping attack, and website fingerprinting based on resource allocation.
https://alter-attack.net/
Cisco Talos team releases ThanatosDecryptor, the program that attempts to decrypt certain files encrypted by the Thanatos malware.
https://github.com/Cisco-Talos/ThanatosDecryptor
DEDA is a tool that gives the possibility to read out and decode color tracking dots which encode information about the printer. It also allows anonymisation to prevent arbitrary tracking.
https://github.com/dfd-tud/deda