Security Bulletin

Security Bulletin #123 – 8 June 2017

2017 / 06 / 08


4 Possible Ways to Make Your Browser Hacker-Proof

Browsers have long been a hot target in hacking-related incidents. They are the primary source of such incidents because we use them to search, share, watch and download files. Moreover, various vulnerabilities exist in browsers, which underlines the need to use the necessary tools to make your browser hacker-proof. Ensuring that browsers are secured with the essential protocols is important. After all, hackers are becoming exceedingly experienced, penetrating numerous prominent companies and government agencies this year alone, as witnessed in the WannaCry ransomware cyberattack.

Although web browsers do a good job of ensuring that security loopholes are rectified as early as possible, more often than not some updates arrive late, and you can't rely on them alone. It could be that your browser isn't updating, or that you have extensions and plug-ins installed that have potential security loopholes. To ensure your online safety, here are four online security tips that will help keep hackers away from your browser:

1) Keep Your Browser Up-to-Date
2) Uninstall Unnecessary Plug-ins
3) Disable Unnecessary Browser Extensions
4) Use a VPN Extension


Botnets overshadowed by ransomware

Recently, the much-reported WannaCryptor ransomware attack took the media by storm, receiving considerably more coverage than might have been expected for this type of malware, and overshadowing other internet threats at the same time. More dangerous than ransomware, however, is malware capable of taking complete control over affected machines. This malware enables the control of affected machines en masse; the network of such machines is called a botnet. The reason that botnets pose a bigger threat to the internet than ransomware is that their operators are capable of using them to execute virtually any task with a success rate of close to 100%. Botnets harm not only the owners of infected computers but others too: they can send out spam, distributing a range of scams or even ransomware; perform so-called DDoS attacks; or be used to cheat advertising networks.

Botnets are more dangerous than the ransomware campaigns that the internet has suffered so far. Botnets overall contain hundreds of millions of computers (according to the FBI, approximately 500 million computers are infected globally each year). Even without the ultimate threat of encrypting all the bots, botnets are a clear and present danger. Thus, both consumers and organizations should work to avoid falling victim to botnet malware. To achieve this goal, a full range of security tools and methods should be deployed, from security training to endpoint and network security solutions to data protection and backup/recovery solutions. Ransomware is a pretty visible and painful issue; botnets, however, pose a hidden threat which, if it were ever to materialize, is quite capable of paralyzing the internet.

White-box webcam scatters vulnerabilities through multiple OEMs

The Internet of Things just got a lot worse, with F-Secure unravelling eighteen vulnerabilities in IP cameras from Chinese vendor Foscam. The company complains that after several months, “no fixes have been issued” – in other words, situation normal in IoT-land. The vulnerabilities are: hard-coded credentials in various places, command injections, permission errors, credential leaks, cross-site scripting and more. If, as an attacker, access via an FTP server with an empty password looks too easy, you could exploit the boot shell script, which is world-writable; or you could brute-force the Web interface, FTP or RTSP, none of which restrict login attempts, knowing that you can run these attacks even when the built-in firewall is enabled, because it doesn't work properly. F-Secure provided three examples of attacks: adding a root user without authentication, and switching on the telnet daemon to log in and use FTP to drop a persistent payload (also unauthenticated) – which makes the ability of an authenticated attacker to add a new root user, enable telnet and log in as root look all too easy.

CERT-FR Weekly News Alert


CERTFR-2017-AVI-170: Multiple vulnerabilities in VMware vSphere Data Protection (VDP) (07 June 2017)

Link: http://cert.ssi.gouv.fr/site/CERTFR-2017-AVI-170.pdf

CERTFR-2017-AVI-169: Multiple vulnerabilities in the Ubuntu Linux kernel (07 June 2017)

Link: http://cert.ssi.gouv.fr/site/CERTFR-2017-AVI-169.pdf