prompts

now browsing by tag


#hacking | XSS vulnerability in CKEditor prompts need for Drupal update

Source: National Cyber Security – Produced By Gregory Evans


John Leyden

20 March 2020 at 14:20 UTC

Updated: 20 March 2020 at 14:29 UTC

Text editor flaw spawns CVE

A vulnerability in a third-party library component has had a knock-on effect on software packages that rely on it, including the Drupal content management system.

The issue involves a cross-site scripting (XSS) bug in CKEditor, a rich text editor that comes bundled with various online applications.

An attacker might be able to exploit the XSS vulnerability to target users with access to CKEditor. This potentially includes site admins with privileged access.

Exploitation is far from straightforward and would involve tricking potential victims into copying maliciously crafted HTML code before pasting it into CKEditor in ‘WYSIWYG’ mode.

“Although this is an unlikely scenario, we recommend upgrading to the latest editor version,” developers of CKEditor explain in an advisory, issued earlier this month.

CKEditor 4.14 fixes this XSS vulnerability in the HTML data processor, discovered by Michał Bentkowski of Securitum, as well as offering feature improvements and a fix for an unrelated XSS vulnerability in the third-party WebSpellChecker Dialog plugin.

An advisory from Drupal, issued on Wednesday, instructs users to update to a version of the CMS that features the updated version of CKEditor in order to mitigate the vulnerability.

In practice, this means upgrading to either Drupal 8.8.4 or Drupal 8.7.12.

The security flaw is described as “moderately critical” by Drupal, even though attackers would need to be able to create or edit content in order to attempt exploitation.


The post #hacking | XSS vulnerability in CKEditor prompts need for Drupal update appeared first on National Cyber Security.


#hacking | Windows SMB: Accidental bug disclosure prompts emergency security patch



John Leyden

13 March 2020 at 12:45 UTC

Updated: 13 March 2020 at 12:49 UTC

Don’t Panic: Potentially wormable flaw only present in latest systems

Microsoft released an out-of-band security update to patch a remote code execution (RCE) vulnerability impacting Server Message Block (SMB) on Thursday, just two days after its regular Patch Tuesday releases.

The software vendor was obliged to rush out a fix after a security partner inadvertently disclosed details of the flaw, which is of a type previously exploited by high-profile threats such as the WannaCry worm.

If left unaddressed, the vulnerability (CVE-2020-0796) in Microsoft SMB 3.1.1 (SMBv3) could be exploited by a remote attacker to plant malicious code on vulnerable systems.

Exploitation would involve sending specially crafted, compressed data packets to a targeted SMBv3 server.

The flaw stems from bugs in how “Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests”, an advisory from Microsoft explains.

New flaws on the Block

SMB is a networking protocol that’s used for sharing access to files and printers. It is the same protocol that was vulnerable to the EternalBlue (CVE-2017-0144) exploit harnessed by the infamous WannaCry ransomware.

The vulnerability exists in a new feature that was added to Windows 10 version 1903, so older versions of Windows, which do not support SMBv3.1.1 compression, are immune from the security flaw.

Both Windows 10 clients and Windows Server, version 1903 and later, need patching.

Preliminary scans by security experts suggest only 4% of publicly accessible SMB endpoints are vulnerable.

Server-side workarounds have been released for organizations running affected software but unable to rapidly roll out patches. This includes disabling compression for SMBv3 as well as blocking TCP port 445 at the perimeter firewall.

Accidental disclosure

Satnam Narang, principal security engineer at security tools vendor Tenable, commented: “The vulnerability was initially disclosed accidentally as part of the March Patch Tuesday release in another security vendor’s blog.

“Soon after the accidental disclosure, references to it were removed from the blog post.”

At the time of writing, no proof of concept exploit code for CVE-2020-0796 has been publicly released.

Narang added that how readily exploitable this vulnerability might prove to be currently remains unknown.

“This latest vulnerability evokes memories of EternalBlue, most notably CVE-2017-0144, a remote code execution vulnerability in SMBv1 that was used as part of the WannaCry ransomware attacks,” Narang explained.

“It’s certainly an apt comparison, so much so that researchers are referring to it as EternalDarkness. However, there is currently little information available about this new flaw and the time and effort needed to produce a workable exploit is unknown.”



#cybersecurity | hacker | Bug prompts Let’s Encrypt to revoke over 3M TLS certificates


Beginning today, Let’s Encrypt is revoking more than 3 million of its Transport Layer Security (TLS) certificates, following the discovery of a bug that affects the way it rechecks CAA (Certificate Authority Authorization) records.

“Most subscribers issue a certificate immediately after domain control validation, but we consider a validation good for 30 days,” explained Jacob Hoffman-Andrew, Let’s Encrypt engineer, in a Feb. 29 post on the non-profit certificate authority’s website. However, in cases where cert issuance is delayed for more than eight hours, Let’s Encrypt must recheck CAA records, even though the records were originally checked during the domain control validation process. That’s where the vulnerability comes into play.

Hoffman-Andrew described the bug, which was introduced on July 25, 2019, as follows: “[W]hen a certificate request contained N domain names that needed CAA rechecking, Boulder would pick one domain name and check it N times. What this means in practice is that if a subscriber validated a domain name at time X, and the CAA records for that domain at time X allowed Let’s Encrypt issuance, that subscriber would be able to issue a certificate containing that domain name until X+30 days, even if someone later installed CAA records on that domain name that prohibit issuance by Let’s Encrypt.”

Altogether, 3,048,289 certificates are affected, or roughly 2.6 percent of the approximately 116 million active certificates issued by Let’s Encrypt, which is operated by the San Francisco, Calif.-based Internet Security Research Group. One million of these are duplicates of certificates that typically are reissued on a frequent basis, Hoffman-Andrew further explained on the Bugzilla website as well as in an FAQ page on the Let’s Encrypt site.

Let’s Encrypt identified its CA software as Boulder. The cert authority said the bug was originally reported by a Let’s Encrypt community member on February 18 and was fixed on Feb. 29. Let’s Encrypt has since created a tool for users to determine if they are affected by the vulnerability. Affected subscribers are encouraged to renew and replace their impacted certificates.



Japan ATM heist prompts call for vigilance from South Africa central bank

Customers queue to draw money from an ATM outside a branch of South Africa's Standard Bank in Cape Town, March 15, 2016. REUTERS/Mike Hutchings

The theft of $13 million from ATMs in Japan using counterfeit cards from South African lender Standard Bank prompted a call for vigilance from South Africa’s central bank on Wednesday. […]

F-35 cyber security testing delay prompts vulnerability concerns


The F-35 fighter jet could allegedly be vulnerable to cyber attacks, according to concerns raised in recent reports focusing on the potential vulnerability of the F-35 computer. US political website Politico first reported in September that “military officials delayed key cyber-security testing of the F-35 fighter jet out of concerns the drills could damage the sophisticated software that serves as the backbone of the next-generation aircraft’s operations.” The Politico report said the delays had not previously been reported and were confirmed by the F-35 Joint Program Office (JPO).

The breaking Politico report from November 9 said: “Those pushing for the drills to be conducted as planned said there was irony in the program office’s concerns that cyber tests could damage the fighter program and disrupt real-world F35 operations”. The report continued that “…Those concerns which delayed the testing are exactly why the tests are necessary for the Lockheed-Martin built plane, and for the testing to ensure the Navy, Air Force and Marine Corps can maintain air dominance for decades to come.” The tests are needed to determine the strength of the F-35 cyber security system, or whether the computer system is vulnerable to hackers.

Source: http://www.themanufacturer.com/articles/f-35-cyber-security-testing-delay-prompts-vulnerability-concerns/


Court appearance for man charged in child sex trafficking sting prompts online safety discussion

Police say a court appearance Thursday for an Onalaska man charged with a child sex crime should serve as a reminder to parents to be vigilant about what their kids are doing online.

The series of events that led to the arrest began with a police officer posting an ad online pretending to be a 14-year-old girl.

The ad was placed with the intention of identifying people interested in having sexual contact with minors.

Town of Campbell Police said a man responded to the ad and had communication online with the officer whom he thought was the 14-year-old girl.

On Thursday that man made a court appearance.


The post Court appearance for man charged in child sex trafficking sting prompts online safety discussion appeared first on Parent Security Online.


Campus Rape Docu ‘The Hunting Ground’ Prompts He Said, She Said Dialogue On Alleged Assault By FSU Star Jameis Winston

The Kirby Dick-directed documentary The Hunting Ground premiered at the Sundance Film Festival to strong reviews about its investigation of sexual assaults on campus, and the difficulty victims encounter when school bureaucrats try to handle disputes internally. Radius-TWC just opened it in limited release on Friday, and the docu has already created a he-said-she-said dialogue between Florida State University, the school where standout quarterback

The post Campus Rape Docu ‘The Hunting Ground’ Prompts He Said, She Said Dialogue On Alleged Assault By FSU Star Jameis Winston appeared first on Dating Scams 101.


Proposed Missouri Medical Child Abuse Law Prompts Sharp Division

JEFFERSON CITY, Mo. — A Missouri lawmaker says he wants to protect parents’ rights to make medical decisions for their children, but critics say his bill could leave children in danger of being abused with no legal way to stop it.

House Bill 217 sponsored by Representative Ken Wilson (R-Smithville) would bar the charging of a parent or legal guardian with child abuse or neglect if he or she has sought and is following the course of treatment for a child outlined by a medical or mental health provider, and would bar the reporting of possible abuse based on the parent or guardian’s decision to follow such a course of treatment.


Warrant error prompts dismissal of child porn charges against ex-deputy – Parent Security Online

Read more: http://host.madison.com/news/local/crime_and_courts/warrant-error-prompts-dismissal-of-child-porn-charges-against-ex/article_f04f461e-44ae-50b6-b19b-ca99cf9d429c.html#ixzz3OuBF3fim

parentsecurityonline.com – Child pornography possession charges against a former Dane County sheriff’s deputy were dismissed Wednesday after a judge ruled that there was a fatal cut-and-paste error on a search warrant that l…


Customer Not Present threat prompts response from US providers – National Cyber Security

nationalcybersecurity.com – As the US moves to adopt EMV chip and PIN cards and mobile payments, authentication is becoming a serious concern, particularly for customer not present transactions – evidenced by the number of Mo…
