vulnerabilities Archives - Hack Ware News https://hackwarenews.com/tag/vulnerabilities/ News, ethical hacking, cyber crime, network security Thu, 25 Oct 2018 13:49:16 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.2 How to Secure Your Linux Server https://hackwarenews.com/how-to-secure-your-linux-server/ https://hackwarenews.com/how-to-secure-your-linux-server/#respond Wed, 03 Oct 2018 22:54:57 +0000 https://hackwarenews.com/?p=5323 How to Secure Your Linux Server It’s important for anyone running a Linux server, or any type of server for that matter, secure. Especially if it communicates with the outside world. Servers are like your houses in the digital realm. They have to be kept secure from intruders. So you have a Linux server, here’s […]

The post How to Secure Your Linux Server appeared first on Hack Ware News.

]]>
How to Secure Your Linux Server

It’s important for anyone running a Linux server, or any type of server for that matter, secure. Especially if it communicates with the outside world. Servers are like your houses in the digital realm. They have to be kept secure from intruders. So you have a Linux server, here’s how to secure it.

  • Keep Your Server Clean and Lean

In other words, keep it simple, but secure. Install the apps and run only the services that you need. Additional apps, introduce vulnerabilities as well as unpatched services that can be exploited by external malicious actors. Keeping the server clean and lean also speeds up its performance. Also, depending on the Linux distro, a number of extra services will be run by default. Keep an eye out for those services. Check if they’re really important and if they are, make sure they’re updated.

A simple netstat –npl command in the terminal will show you all the running services and the ports they use. That’s another thing. These services might be using some ports you want to keep closed. Disable unwanted services with the following command.

Systemctl disable service_name

 

  • Do not Log in as Root

It’s no secret that logging in as Root user gives you unrestricted access to everything in your Linux setup. And for many Linux users, it’s the easiest way to use Linux which is why most newbies log in as Root. Malicious attackers know this too. When users log in as Root, any running apps and services with vulnerabilities also give attackers unlimited access to everything else. The best practice for Linux users, is to create a user with enough sudo access to perform most tasks and only switch to Root when needed.

In Ubuntu for example, you can add a new user with sudo powers by typing in the following at the terminal:

adduser usercansudo

qpasswd –a usercansudo sudo

Afterwards, log out of the system and login as the new user then disable the Root user by editing the sshd_conf file.

Nano /etc/ssh/sshd_conf

Look for this commented item: #PermitRootLogin no

Remove the comment, save the file and restart the ssh service using the following command:

systemctl restart sshd

 

  • Keep the Server to Yourself and others you Trust

Restrict access to your server to just you and others you implicitly trust. In the previous item, create as many users as you can with level access and disable root. The fewer the better though.

  • Port Change

When logging in remotely, the default port for ssh is 22 which is what most people, including attackers would do to get into a Linux server. This port can be changed and by changing this port, eavesdroppers, attackers and bots will be left guessing how to log in to your system. It’s simple but effective. To change the ssh port, we go back to the sshd_conf file. You can issue the following commands:

sudo nano /etc/ssh/sshd_conf

 

Find the commented port line:

#Port 22

 

Uncomment it and change the port number to something else. Feel free to change 22 to something between 1024 and 32,767 but make sure that no other service uses your chosen number. Then save the file. Restart the ssh service.

systemctl restart sshd

 

You can check  if it works by logging in through ssh with this command:

ssh -p{port_number}@server_IP

Example:

ssh –p1027 192.168.10.11

  • Always Keep Your Server Patched and Updated

You’ve probably read plenty of articles regarding vulnerabilities that no basic user could probably think of but continuously explored by determined hackers out for a quick buck. No server is secure, not even Linux and the best defense for this, apart from a good firewall and anti-malware programs, is to keep your operating system and its packages updated. Always be on the lookout for core or kernel updates.

 

[stackCommerce layout=”2″ count=”5″ sort=”best_sellers”][/stackCommerce]

The post How to Secure Your Linux Server appeared first on Hack Ware News.

]]>
https://hackwarenews.com/how-to-secure-your-linux-server/feed/ 0
Google’s Project Zero has discovered a major Linux kernel vulnerability https://hackwarenews.com/googles-project-zero-has-discovered-a-major-linux-kernel-vulnerability/ https://hackwarenews.com/googles-project-zero-has-discovered-a-major-linux-kernel-vulnerability/#respond Fri, 28 Sep 2018 23:44:00 +0000 https://hackwarenews.com/?p=5210 Google’s Project Zero has discovered a major Linux kernel vulnerability. This vulnerability exists for kernel versions 3.16 through to 4.18.8, beginning in August 2014. Project Zero is the name of a team of security analysts employed by Google and tasked with finding zero-day vulnerabilities.   The vulnerability is a use-after-free (UAF) attack, which works by […]

The post Google’s Project Zero has discovered a major Linux kernel vulnerability appeared first on Hack Ware News.

]]>
Google’s Project Zero has discovered a major Linux kernel vulnerability. This vulnerability exists for kernel versions 3.16 through to 4.18.8, beginning in August 2014. Project Zero is the name of a team of security analysts employed by Google and tasked with finding zero-day vulnerabilities.

 

The vulnerability is a use-after-free (UAF) attack, which works by exploiting the cache invalidation bug in the Linux memory management system, allowing an attack root access to the target system. UAF vulnerabilities are a type of memory-based corruption bug. Once attackers gain access to the system, they can cause system crashes, alter or corrupt data, and gain privileged user access.

 

Jann Horn, the white hat hacker who discovered the vulnerability says his PoC has been made available to the public and “takes about an hour to run before popping a root shell”. Linux kernel maintainers have responded to the vulnerability rapidly, fixing the issue with a patch in only two days. Linux kernel maintainers fast response has put other Linux distributions under scrutiny after Debian and Ubuntu took over a week to provide updates on the issue.

Two versions, Debian 16.04 and Ubuntu 18.04 have still not been patched as of Wednesday 26 September. Ubuntu have responded to the criticism to announce they will likely be ready to release the patches around October 1.

 

Researcher Horn warns that although this vulnerability has been patched, attackers may find another way, this is particularly a concern since Linux distributions don’t publish kernel updates regularly. This vulnerability highlights the importance of having a secure kernel configuration and is something users should be vigilant about.

 

This is the latest in notable discoveries for Jann Horn, who also discovered the Meltdown and Spectre vulnerabilities affecting modern CPUs.

[stackCommerce layout=”2″ count=”5″ sort=”best_sellers”][/stackCommerce]

The post Google’s Project Zero has discovered a major Linux kernel vulnerability appeared first on Hack Ware News.

]]>
https://hackwarenews.com/googles-project-zero-has-discovered-a-major-linux-kernel-vulnerability/feed/ 0
WhatsApp vulnerability allows users to easily spread fake news https://hackwarenews.com/whatsapp-vulnerability-allows-users-to-easily-spread-fake-news/ https://hackwarenews.com/whatsapp-vulnerability-allows-users-to-easily-spread-fake-news/#respond Thu, 16 Aug 2018 05:06:57 +0000 https://hackwarenews.com/?p=4701 WhatsApp vulnerability allows users to easily spread fake news. WhatsApp, the hugely popular Facebook-owner messaging application, has recently come under scrutiny as multiple vulnerabilities have been uncovered. With over 1 billion users and more than 60 billion messages sent every day, security flaws are a serious concern as they have the potential to have far-reaching […]

The post WhatsApp vulnerability allows users to easily spread fake news appeared first on Hack Ware News.

]]>
WhatsApp vulnerability allows users to easily spread fake news. WhatsApp, the hugely popular Facebook-owner messaging application, has recently come under scrutiny as multiple vulnerabilities have been uncovered.

With over 1 billion users and more than 60 billion messages sent every day, security flaws are a serious concern as they have the potential to have far-reaching impacts across the world.

Researchers at Israeli security company Check Point have brought to light the security flaws in WhatsApp’s protocols and design framework, which have a loophole enabling the creation and spreading of fake news under the guise of “trusted sources”.

Essentially, malicious users are able to intercept and modify the content of messages sent through both private and group conversations. This can be an easy way of spreading fake news.

What are the possible “attacks”?

The problem lies with how the WhatsApp mobile apps connect with the corresponding WhatsApp Web, and the way it decrypts encrypted messages using the protobuf2 protocol.

Specifically, the “quote” feature is where the vulnerability is exemplified. Hackers can use this feature to perform 3 types of attacks:

  1. Change the identity of the original sender – impersonate another person from the group, or even a non-existent group member by simplify changing the name of the person being quoted.
  2. Modify the content of someone else’s message in a group chat – put words in their mouth and mislead others. Make it seem like someone said something controversial or offensive.
  3. Send private messages to a group participant disguised as a message to everyone – the target participant will see one message while everyone else sees something else, but nobody realizes this is happening. Only if the targeted participant replies then the content gets exposed to everybody.

How were these security flaws discovered?

The team of security researchers at Check Point (Dikla Barda, Roman Zaikin, and Oded Vanunu) first decrypted the network request of messages being sent via the app. They did this by creating a custom extension for Burp Suite, a popular security software web application. This extension allowed them to easily intercept messages so they could analyse their structure and look for loopholes.

By analysing the decrypted message, they could see all the parameters and variables being used in the messages sent between the mobile app and the web version of WhatsApp. This opened the window of opportunity for manipulating these, and it was quickly discovered that they could modify messages, the sender and target recipient.

It’s worth noting that these exploits can only be performed by members of the group conversation, rather than a 3rd party attacker or someone sniffing the network. However, it’s still a critical security flaw because attackers can achieve all kinds of malicious objectives, including spreading misinformation and fake news, or creating false evidence in their favor.

Check Point has urgently informed WhatsApp about these security flaws, as it’s essential they get addressed as soon as possible. The current status is that they’re being investigated further, so we’re waiting for an update from WhatsApp themselves on the matter.

The post WhatsApp vulnerability allows users to easily spread fake news appeared first on Hack Ware News.

]]>
https://hackwarenews.com/whatsapp-vulnerability-allows-users-to-easily-spread-fake-news/feed/ 0
Computer Security Vulnerabilities to Cyberattacks https://hackwarenews.com/computer-security-vulnerabilities-cyberattacks/ https://hackwarenews.com/computer-security-vulnerabilities-cyberattacks/#respond Thu, 14 Sep 2017 00:44:53 +0000 https://hackwarenews.com?p=1332&preview=true&preview_id=1332 Computer Security Vulnerabilities to Cyberattacks. That is because the only way to be 100% safe from a Cyberattack or a hacker trying to get access to your computer is to pull the plug on the Internet. Unfortunately, for many businesses and individuals that just is not an option and will not happen. It seems no matter […]

The post Computer Security Vulnerabilities to Cyberattacks appeared first on Hack Ware News.

]]>
Computer Security Vulnerabilities to Cyberattacks. That is because the only way to be 100% safe from a Cyberattack or a hacker trying to get access to your computer is to pull the plug on the Internet. Unfortunately, for many businesses and individuals that just is not an option and will not happen.

It seems no matter how much you try to minimize the vulnerabilities in your computer by using sophisticated software programs that are designed to detect outside attacks to your computer or your company’s computer network and eliminate the possible threat. This requires you to be extremely vigilant about the kinds of things you do on the Internet.

Vulnerability of your computer or business computer network

In order for any vulnerability to become a problem there will be three distinct phases involved; an actual flaw or vulnerability in the system, an attacker would have to have access to the system or computer and the attacker has the ability to exploit the specific vulnerability. With that said, there are things anyone can do to help minimize that likelihood that you or your business could be the victim of a cyberattack.

Short of cutting the Ethernet cord and completely isolating your computer or computer network from accessing the Internet altogether, there many steps that you will need to do in order to protect yourself. This will also require you to be extremely vigilant in order to prevent unauthorized access to your computer.

Identifying what cyber vulnerabilities are that threaten your computer or business network

In order to best deal with vulnerabilities, it is important to first understand what are the most common types of cyber vulnerabilities that exist today. Below are what are considered the most common cyber vulnerabilities that can threaten your computer’s security.

5 Most Common Computer Vulnerabilities

  • Injection Vulnerabilities

The injection flaw vulnerability is extra dangerous because it leaves company data vulnerable during specific types of operation that occurs at the program code level and it is not usually easy to find until after the software has been put into production and a skilled hacker could easily gain access of the computer network by exploiting this vulnerability.

  • Buffer Overflows

The Buffer Overflow flaw is one of the most common type of vulnerability and it can be very difficult to detect since it is buried in software code. However, a good hacker will be able to take advantage of the buffer overflow and allow them to gain access to sensitive data before you are even aware of it.

  • Sensitive Data Exposure

Sensitive Data Exposure flaws can leave a companies data vulnerable when it is being transferred from place to place. Most data at rest (stored on servers) is highly protected, but it when the data is being moved it can be susceptible to compromise if you don’t have the right protection.

  • Broken Authentication and Session Management

This type of vulnerability involves a flaw that allows the hacker or cyber attacker to impersonate a company employee and gain access to company data for nefarious reasons or to just cause mischief. This type of vulnerability is made more difficult to mitigate due to the large number of these types of system on the market.

  • Improperly Configured Security

This is where human error often is the culprit and good intentions can lead to even more serious vulnerabilities. Having too much of the wrong type of security software doesn’t make you more secure, it can actually leave you even more vulnerable. Not following sound security practices can also lead to serious company data vulnerabilities.

The post Computer Security Vulnerabilities to Cyberattacks appeared first on Hack Ware News.

]]>
https://hackwarenews.com/computer-security-vulnerabilities-cyberattacks/feed/ 0