Security News #0x82
- Tickets are available for BSides Charm, on April 11-12 in Howard County.
- Lenovo shipped PCs with adware that automatically performs a man in the middle attack against any SSL connections made from the system. The tool is called Superfish, and if you are running a Lenovo system and want to remove what can only be considered malware, head over to Lenovo support. If you want to see how the certificate can be exploited, check out Errata Security.
- There is a new privilege escalation attack (with exploit code) for Android systems. The underlying flaw is CVE 2014-7911.
- Someone has been able to reverse engineer the Apple Lightning cable.
- The folks at Google Project Zero have a nice blog entry full of technical goodness on the recent PCRE vulnerability in Flash CVE 2015-0318.
- Do you use random numbers in your C or C++ code? Do you use the
rand()function? Then head over to Explicit C++ and learn!
- Have you considered using HoneyHashes as a way to detect Mimikatz use on a network?
- A new vulnerability, CVE 2015-0240 in Samba was announced. It may be possible to exploit the vulnerability to gain remote code execution without authentication; if so this would be a most significant issue.
- There is a new remote code execution vulnerability in PHP affecting PHP 5.4.1-5.4.3; this includes proof of concept exploit code. The vulnerability has been tentatively assigned the ID CVE-2015-0273.
- Did you know you can include custom payloads in your Metasploit modules?
- Would you like to be able to use Python to script connections to Microsoft RDP servers? Check out RDPY.
- There is a new Metasploit module to attack Java JMX servers.