Security News #0x5C
- There is an exploit for CVE 2013-0640, which is a vulnerability in Adobe Reader 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02. Exploits for this vulnerability have been in the wild for some time, but an exploit has now made it to exploit-db. I tried the exploit; it is a bit odd as it seems to need Ruby on Windows to generate the malicious .pdf. You can specify your own PE executable as the payload, but the payload is limited in size- under a few hundred KB. For whatever reason though, I could not make it work; probably through some problem at my end.
- If you are reading this blog in Chrome, open a new tab, and put in the URL chrome://settings/passwords. Be sure you want that information there!
- Did you know that EXIF data in an image can be used for cross site scripting attacks? I certainly did not!
- Do you know all there is know about the command shell? If not, you really want to head over to ExplainShell.com. You can enter a complex command, say one you saw online, and explain the different parts of the command. Most cool!
- The virtual machines used in the finals of the 2013 CSAW CTF competition have been released.
- Cobalt Strike can now tunnel beacon data across SMB pipes. My CCDC team is not joyful.
- It looks like there is a new privilege escalation attack in the wild that impacts Windows XP and server 2003. You can check out the Microsoft bulletin, while Network World has some additional coverage. Mind you, if you are still running XP, then you already have some serious problems on your hands- After all, April 8, 2014 is coming soon!
- It looks like it may be possible to use computer speakers and microphones as a covert communication channel. This does not confirm BadBIOS of course, but it is interesting in its own right.
- Recently, a server was found with more than 2,000,000 login credentials for a range of web services. Take a look at the work of Spider Labs and the summary from Ars Technica.