BREAKING NEWS
Short Script Can Make Your Apple Crash and Burn
Short Script Can Make Your Apple Crash and Burn. A couple of months ago, this author needed to fix an issue through an online system with only an iPhone at hand; but the page wasn’t rendering correctly on Safari, so this author downloaded Edge, Chrome and Firefox. But surprisingly, the page still rendered the same wherein a header was blocking an important table row that needed to be edited.
Just realized that Apple’s webpage rendering engine, Webkit was used by all the browsers mentioned as mandated by Apple, meaning that the only difference between all these browsers were their respective little features and not much else. This may now bite Apple’s single-minded rear as a simple CSS script, properly weaponized can cause any Apple device to crash and burn, technically in the opposite order.
It has recently been discovered by a security researcher that Apple’s WebKit rendering engine has a vulnerability that can crash and restart any iOS and MacOS device. Fifteen lines of code is all it would take for any iOS device browsing the web to burn through its resources, crash and then reboot, according to researcher Sabri Haddouche from Wire.
Basically, nesting some web elements within the CSS backdrop filter will cause the device to burn through its resources faster than a lit match and no matter what your favorite browser is, you will encounter this problem just because your device is from Apple.
“The attack uses a weakness in the webkit-backdrop filter CSS property… By using nested divs with that property, we can quickly consume all graphic resources and crash or freeze the OS… All browsers on iOS are affected because the underlying rendering engine is WebKit… as per AppStore rules, it is forbidden to use your own rendering engine.”
–Sabri Haddouche, statement to BleepingComputer
It’s weird how we as consumers get duped into downloading a variety of browsers, saying they’re better when they technically do the same thing; unless you have browser extensions you can’t live without. Apple will still require browser makers to use their WebKit rendering engine to render web pages, which by the way, makes life for them easier.
All that’s left is to add their browser’s respective bells and whistles. The problem is that whatever vulnerability WebKit has, the issue becomes universal. There is no escape from the vulnerability just mentioned and any HTML/CSS bug a website might have as per the situation described in the opening. And since iOS and MacOS share the same rendering engine, Mac users will surely experience the same thing.
Windows, Linux and Android users thankfully have nothing to worry about but Apple has to patch this immediately in case this news makes it mainstream. The lackluster changes Apple made to their sequential iPhone X upgrade and audacious move in scrimping on dongles isn’t helping. This also applied to the newly-released iOS 12.
The good news is, the vulnerability by itself is actually harmless apart from the forced reboot, as no personal or financial information gets leaked outside to malicious parties. This issue becomes an old school case of mischief for pranksters who have no love for Apple and their antics.
These folks can simply spread out a text message that has a link to a webpage that contains this nesting script resulting in crashed iPhones, iPads and Macs (that use Safari). But this simple vulnerability can still be exploited by more malicious persons into doing something different and the potential is high as there are literally hundreds of millions of Apple devices actively used.
The bad news however is that this prank can be made persistent, as Haddouche was able to make a script that actually reloads the same page in case the user restarts the browser that launched it. If you used Safari to access the page, launching it again will freeze or reboot your device.
Thanks to Sabri, Apple has been made aware of this matter and as usual, it may take some time before a patch is issued and actually downloaded.
BREAKING NEWS
UK Fines Facebook over Cambridge Analytica Scandal
UK Fines Facebook over Cambridge Analytica Scandal. The UK has hit Facebook a fine of $645,000 for the Cambridge Analytica Scandal. It was revealed earlier this year that they had harvested the personal data of millions of profiles without the user’s consent and used it for political purposes. It is estimated that 87 million users were affected.
The fine has been enforced by the UK’s Information Commissioner’s Office (ICO) and was calculated using a pre-GDPR formula for data breach fines. Using the UK’s old Data Protection Act to fine Facebook, rather than GDPR they can only give a maximum penalty of £500,000, which is equal to what the social media giant earns every 18 minutes.
GDPR rules dictate a maximum fine of 4% of annual global turnover, which would be $1.6 billion. Unfortunately the the GDPR regulation wasn’t in place when the Cambridge Analytica story broke, coming into force in May 2018.
The UK investigation concluded that Facebook’s APIs had been allowing developers access to users information without them providing proper consent, for a long period of time between 2007 and 2014. Once they realized this loophole existed and patched it up, they did nothing to investigate the data compromised or ensure it was deleted.
[FACEBOOK] should have known better and it should have done better… We considered these contraventions to be so serious we imposed the maximum penalty under the previous legislation. The fine would inevitably have been significantly higher under the GDPR
Information Commissioner Elizabeth Denham said in a statement
Facebook has said they are reviewing the ICO’s findings and stated they “respectfully disagree” with some of the report, but admit they should have done more to protect users data. They also added that they found no evidence that British users profile information was shared with Cambridge Analytica.
BREAKING NEWS
Libssh Security Flaw leaves thousands of servers vulnerable to hijacking
Libssh Security Flaw leaves thousands of servers vulnerable to hijacking. A security flaw in libssh leaves thousands, and potentially more, servers vulnerable to an attack. Libssh is a multiplatform C library which allows users to remotely execute programs, transfer files, manage public keys and use a secure and transparent tunnel.
The security flaw, discovered by Peter Winter-Smith from NCC Group, allows a hacker to bypass the authentication process on the servers and gain access to the system without having to enter a password.
An attacker can do this by sending the SSH server “SSH2_MSG_USERAUTH_SUCCESS” message instead of the “SSH2_MSG_USERAUTH_REQUEST” message that a server usually expects and which libssh uses as a sign that an authentication procedure needs to initiate.
The libssh system will treat this message to mean the authentication has already taken place and allow the attacker access to the server. The flaw (CVE-2018-10933) was released in January 2014 in release 0.6.0.
It’s estimated that the vulnerability currently affects at least 3000 servers, however this is based on a small search and the scale of the problem is not yet known. There were concerns that the popular version control site for developers to work collaboratively on projects, GitHub, was affected but they have released a statement denying this. Github claims the way they use libssh means they are not vulnerable to this exploit.
“We use a custom version of libssh; SSH2_MSG_USERAUTH_SUCCESS with the libssh server is not relied upon for pubkey-based auth, which is what we use the library for,”
a GitHub security official said on twitter
While we use libssh, we can confirm that https://t.co/0iKPk21RVu and GitHub Enterprise are unaffected by CVE-2018-10933 due to how we use the library.
— GitHub Security (@GitHubSecurity) October 16, 2018
The security flaw is only on the server side, meaning users who have a libssh based SSH client installed on their computer will be safe from potential attackers looking to exploit this vulnerability.
While there are currently no public exploits available for the vulnerability, they are easy to put together so these are likely to pop up online in the coming days and weeks.
The team at libssh released versions 0.8.4 and 0.7.6 yesterday to handle this bug.
BREAKING NEWS
Ad Clicker Disguised as a Google Photos App has been Hosted on Microsoft Store.
Ad Clicker Disguised as a Google Photos App has been Hosted on Microsoft Store.
A malicious app called “Album by Google Photos” was found to be hosted on the Microsoft store. The app was pretending to be part of Google Photos, but was in fact an ad clicker that generates hidden adverts within the Windows 10 Operating System.
The ad clicker app seemed credible to users because of its name, and also the fact it claimed to be created by Google LLC, Google’s actual Microsoft store account is Google Inc, but it looks unsuspecting to users. Microsoft came under some criticism for not realising the app was actually malicious software since the user reviews did highlight that the app was fake, with plenty of 1* reviews. One review states “ My paid Anti-malware solution detected several attempts to download malware by this app. Watch out”. The App was first released on the Microsoft store in May.
What did the application do?
The “Album by Google Photos” app is a Progressive Web Application (PWA), which acts as the front end for Google Photos and includes a legitimate login screen. Hidden in the app bundle is also an ad clicker which runs in the background and generates income for the app developers.
The app connects to ad URLS, and the ads were very similar to what users would see from typical adware, including tech support scams, random chrome extensions, fake flash and java installs and general low-quality sites.
Microsoft haven’t commented how this app managed to pass the Microsoft review process before ending up on the store. This is somewhat concerning since it could mean other malicious apps of a similar nature have flown under the radar and are still infecting user’s computers. We are waiting for Microsoft to comment on the issue.
-
GAME REVIEW6 years ago
Top Hacking Simulator Games Every Aspiring Hacker Should Play: Part 1
-
DEALS6 years ago
Great Ethical Hacking Courses for Beginners
-
BREAKING NEWS6 years ago
US Online Retail Company suffered a data breach affecting 6.5 million customers
-
HACKING NEWS6 years ago
The APT attacks hitting East Asia
-
GAME REVIEW6 years ago
Hacknet Review
-
DEALS6 years ago
Music, Voice and Sound interface kits: What you need to know
-
GAME REVIEW6 years ago
Top Hacking Simulator Games Every Aspiring Hacker Should Play: Part 2
-
HOW TO6 years ago
How To Become an Ethical Hacker – Beginners Guide