Archive for May, 2017

A new HTML5 API allows us to grab the audio/video output right from the browser. No need for cumbersome native Windows interfaces or weird browser plugins. Both Firefox and Chrome (and Edge soon) allow any JavaScript code to gain access to the laptop/tablet/phone/whatever camera and microphone.

After getting the audio/video usage permissions for WebRTC, JS code can record video/audio without showing the graphical red dot in the tab while the recording is running. That is, after the permission is given, the site can listen to the user whenever it wants to. This is possible because the JS `` method does not give a visual indication when recording starts.

We discovered a vulnerability in Sudo’s get_process_ttyname() for Linux: this function opens “/proc/[pid]/stat” (man proc) and reads the device number of the tty from field 7 (tty_nr). Unfortunately, these fields are space-separated and field 2 (comm, the filename of the command) can contain spaces (CVE-2017-1000367).

On Linux systems, sudo parses the /proc/[pid]/stat file to determine the device number of the process’s tty (field 7). The fields in the file are space-delimited, but it is possible for the command name (field 2) to include white space (including newline), which sudo does not account for. A user with sudo privileges can cause sudo to use a device number of the user’s choosing by creating a symbolic link from the sudo binary to a name that contains a space, followed by a number.

Barreling through space near the inner edge of Saturn’s wispy D ring, NASA’s Cassini spacecraft shielded itself from bits of ice and dust Sunday as the probe made its most dangerous plunge close to the planet, collecting spectacular edge-on views of Saturn’s rings with an on-board camera.

IN RECENT YEARS, the rollout of desktop processors has felt a bit stale. You generally know what you’re going to get: a little more power, a little more efficiency. And while Intel’s latest update doesn’t reinvent the chip, it does provide obscene horsepower at a time when that’s increasingly all that matters.

Dridex: A History of Evolution

The Dridex banking Trojan, which has become a major financial cyberthreat in the past years (in 2015, the damage done by the Trojan was estimated at over $40 million), stands apart from other malware because it has continually evolved and become more sophisticated since it made its first appearance in 2011. Dridex has been able to escape justice for so long by hiding its main command-and-control (C&C) servers behind proxying layers.

After the Week of WannaCry, the ransomware scene looks to be going back to normal, with the persistent ransomware known as Cerber (Detected by Trend Micro as RANSOM_CERBER family) jumping back in the limelight—this time using the “Blank Slate” spam campaign that was discovered in early 2017.

The implementation of TTLS and PEAP in FreeRADIUS skips inner authentication when it handles a resumed TLS connection. This is a feature but there is a critical catch: the server must never allow resumption of a TLS session until its initial connection gets to the point where inner authentication has been finished successfully.